Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Problem about account been hacked

Discussion in 'Security' started by mariaasuka24, Feb 5, 2015.

  1. mariaasuka24

    mariaasuka24 Registered

    Joined:
    Apr 14, 2014
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Hello all!

    I saw a few threads on this put nothing there helped me.

    I saw that one of my accounts were compromised causing high server loads. I find some files such as in a new directory "log" with the file "error.php".

    I tried deleting it but it keeps reappearing. Meaning I run the rm -rf error.php command under root, then it appears the file to be removed but then I run ls -l and the file is back. I tried "chown", "chmod", chattr -i, etc. nothing seems to work.

    the output for chattr -i is "-----------e" not sure what that means

    Cpanel is not working either.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,705
    Likes Received:
    1,791
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    Your access level is listed as "Website Owner". However, based on your initial post, I assume you have root access to this server. The following thread answers a similar question:

    What log files to check after an account gets hacked/defaced?

    You should also review the "Security Advisor" option in WHM to ensure you are implementing configurations that allow for protection against common hacks.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice