The Community Forums

Interact with an entire community of cPanel & WHM users.
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Problem about account been hacked

Discussion in 'Security' started by mariaasuka24, Feb 5, 2015.

  1. mariaasuka24

    mariaasuka24 Registered

    Joined:
    Apr 14, 2014
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Hello all!

    I saw a few threads on this put nothing there helped me.

    I saw that one of my accounts were compromised causing high server loads. I find some files such as in a new directory "log" with the file "error.php".

    I tried deleting it but it keeps reappearing. Meaning I run the rm -rf error.php command under root, then it appears the file to be removed but then I run ls -l and the file is back. I tried "chown", "chmod", chattr -i, etc. nothing seems to work.

    the output for chattr -i is "-----------e" not sure what that means

    Cpanel is not working either.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Your access level is listed as "Website Owner". However, based on your initial post, I assume you have root access to this server. The following thread answers a similar question:

    What log files to check after an account gets hacked/defaced?

    You should also review the "Security Advisor" option in WHM to ensure you are implementing configurations that allow for protection against common hacks.

    Thank you.
     
Loading...

Share This Page