Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Root suspended account ..... but what actually happened?

Discussion in 'General Discussion' started by S400, Jul 5, 2017.

  1. S400

    S400 Registered

    Joined:
    Jul 5, 2017
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Website Owner
    Hi,

    Maybe I have signed up to the right or wrong group .... but I have no idea where I can get an answer from - so starting in this group.

    Below I have put the text of a message I received today. "root" suspended my account, though the ISP Provider has now restored it.

    BUT .... I cannot get ANY information that I can understand about the problem that caused my web site and email accounts to be suspended.

    1. What does following message mean?
    2. What (high level - not too technical) was done?
    3. What should I do to prevent it from happening again?
    I have anonymised the IP addresses involve:-

    Offending/Source IP: xxx.xxx.xxx.xxx
    - Issue: Host banned for sending commands meant to run commands via the local shell. This is often found with bots sending raw PHP commands to malware.
    - Block Type: New Ban
    - Time: 2017-mm-dd hh:mm:ss-07:00
    - Port: 80
    - Service: http
    - Report ID: 17f033da-1816-4edd-be41-xxxxxxxxxxxx
    - Bot Fingerprint: a394f5edde9b2eee3d4ba733838713bf
    - Bot Information: [Removed]
    - Bot Node Feed: [Removed]
    - Abused Range: [Removed]
    - Requested URI: /right_column.php
    - User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
    - GET/POST Arguments Sent: sc, _f_wp, ev​
     
    #1 S400, Jul 5, 2017
    Last edited by a moderator: Jul 5, 2017
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    It looks like a message from your web hosting provider notifying you that your shared hosting account was suspended due to abuse by a PHP script uploaded to your account. You'd need to review the "right_column.php" file to determine what it does , or consult with your web hosting provider to see if they can provide you with additional information regarding the reason they suspended your account.

    Thank you.
     
Loading...

Share This Page