root-level compromised

A

ashrafpro

Member
Jan 11, 2018
6
0
1
Cairo
cPanel Access Level
Root Administrator
Hi,
cPanel support reported that my server is root-level compromised, and it can't be fixed, I must move to a new one and delete it.
As soon as I install cPanel, I install firewalld to block all connections to server except from certain IPs (Cloudflares), change SSH port, block all ports even cPanel until I need it.
I am feeling depressed and asking if there is something extra I should do, so not to face this issue again?
virus is: /lib64/libtsr.so, it is causing MYSQL to be always 500% and over.
 

Attachments

cPanelLauren

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,298
1,279
313
Houston
Hello,

This question would be best answered by the Technical Support analysts in the ticket, based on the specific issue with the server you encountered. If you provide me the Ticket ID I can check in on the ticket there and ensure that was done for your issue.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
Spirogg SOLVED looking in /opt I see ai-bolit - but I cannot access that directory via root access of my server? Security 7
R Auto banning IPs snooping web root? Security 4
R In Progress CPANEL-39889 - Cron <[email protected]> /usr/local/cpanel/3rdparty/bin/freshclam --quiet --no-warnings Security 24
V SOLVED WHM Root working but SSH Says password invalid Security 3
S Site with root access level. Security 5
Similar threads
SOLVED looking in /opt I see ai-bolit - but I cannot access that directory via root access of my server?
Auto banning IPs snooping web root?
In Progress CPANEL-39889 - Cron <[email protected]> /usr/local/cpanel/3rdparty/bin/freshclam --quiet --no-warnings
SOLVED WHM Root working but SSH Says password invalid
Site with root access level.
Top Bottom