Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Round Cube Suspicious process

Discussion in 'General Discussion' started by atlantis21, Oct 24, 2012.

  1. atlantis21

    atlantis21 Well-Known Member

    Joined:
    Sep 18, 2012
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Hello everybody,
    I have this message:

    Executable:

    /usr/local/cpanel/3rdparty/bin/php-cgi


    Command Line (often faked in exploits):

    /usr/local/cpanel/3rdparty/bin/php-cgi -c /usr/local/cpanel/3rdparty/etc/roundcube /usr/local/cpanel/base/3rdparty/roundcube/index.php

    What this means?:confused:
     
    #1 atlantis21, Oct 24, 2012
  2. CitizenK

    CitizenK Well-Known Member

    Joined:
    Jun 5, 2012
    Messages:
    64
    Likes Received:
    1
    Trophy Points:
    58
    Location:
    On The Road
    cPanel Access Level:
    Root Administrator
    The processes you have listed above are cPanel processes and you do not need to be concerned about them.

    The binary /usr/local/cpanel/3rdparty/bin/php-cgi is cPanel's version of php that serves out roundcube, webmail, cPanel interface and WHM. This version of php that runs cPanel services is separate from the version that is run on the websites on the server. The full command that you included is the command where roundcube is being executed through cPanel's PHP.
     
    #2 CitizenK, Oct 24, 2012
  3. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,679
    Likes Received:
    299
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    That message came from CSF. More reading here on this sort of thing.
    ConfigServer Scripts Forum • View topic - Process Tracking and csf.pignore
     
    #3 Infopro, Oct 24, 2012
  4. atlantis21

    atlantis21 Well-Known Member

    Joined:
    Sep 18, 2012
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Ok, So I recive e-mail with this notification, when somebody open Round Cube from cPanel (e.g Webmail).
    If this is true, why this is Suspicious process?

    Anybody who have cPanel details, may access to Webmail and open Round Cube...
     
    #4 atlantis21, Oct 24, 2012
  5. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,679
    Likes Received:
    299
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Did you read the details at that link? The answers you seek can be found there. In that thread and on that forum as well. CSF is not supported by cPanel. It's an great product created by ConfigServer Services and support for it, is on that forum at the link above.

    Hope that helps!
     
    #5 Infopro, Oct 24, 2012
  6. atlantis21

    atlantis21 Well-Known Member

    Joined:
    Sep 18, 2012
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Thanks :)
     
    #6 atlantis21, Oct 25, 2012
(You must log in or sign up to post here.)
Loading...
Similar Threads - Round Cube Suspicious
  1. Saeedpasafkand

    RoundCube Indicates an Older Time , in SENT

    Saeedpasafkand, Sep 13, 2017, in forum: E-mail Discussions
    Replies:
    3
    Views:
    91
    cPanelMichael
    Sep 14, 2017
  2. SactoBob

    Replace Roundcube logo on a per account basis

    SactoBob, Aug 10, 2017, in forum: User Experience
    Replies:
    3
    Views:
    173
    cPanelMichael
    Aug 29, 2017
  3. coursevector

    RoundCube Redirect Issue with IE11 Win7

    coursevector, Jul 28, 2017, in forum: E-mail Discussions
    Replies:
    9
    Views:
    273
    cPanelMichael
    Aug 30, 2017
  4. Masimo

    HELO name problem on roundcube

    Masimo, May 25, 2017, in forum: E-mail Discussions
    Replies:
    2
    Views:
    298
    Masimo
    May 25, 2017
  5. Trunks

    skip roundcube for specific accounts

    Trunks, May 6, 2017, in forum: Workarounds and Optimization
    Replies:
    2
    Views:
    210
    Trunks
    May 8, 2017

Share This Page