root-level compromised

A

ashrafpro

Member
Jan 11, 2018
6
0
1
Cairo
cPanel Access Level
Root Administrator
Hi,
cPanel support reported that my server is root-level compromised, and it can't be fixed, I must move to a new one and delete it.
As soon as I install cPanel, I install firewalld to block all connections to server except from certain IPs (Cloudflares), change SSH port, block all ports even cPanel until I need it.
I am feeling depressed and asking if there is something extra I should do, so not to face this issue again?
virus is: /lib64/libtsr.so, it is causing MYSQL to be always 500% and over.
 

Attachments

cPanelLauren

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,254
313
Houston
Hello,

This question would be best answered by the Technical Support analysts in the ticket, based on the specific issue with the server you encountered. If you provide me the Ticket ID I can check in on the ticket there and ensure that was done for your issue.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
N Security Questions for root (WHM) only (and not cPanel users) ? Security 2
A SSH direct root logins Security 2
B chkrootkit email says Suspect directory dev/rd/cdb FOUND! Security 1
chanklish SSH access for a non root user Security 2
O But my server has been set in the cpanel console to prohibit ROOT SSH login, now my authorization has expired, I want to follow the new authorization, Security 1
Similar threads
Security Questions for root (WHM) only (and not cPanel users) ?
SSH direct root logins
chkrootkit email says Suspect directory dev/rd/cdb FOUND!
SSH access for a non root user
But my server has been set in the cpanel console to prohibit ROOT SSH login, now my authorization has expired, I want to follow the new authorization,
Top Bottom