Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Security Advisor email notifications not working?

Discussion in 'E-mail Discussion' started by QubeRoot, May 9, 2019.

  1. QubeRoot

    QubeRoot Registered

    Joined:
    May 9, 2019
    Messages:
    4
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hi.

    We're running cPanel v78.0.23. On previous cPanel installs we have received email notifications from Security Advisor when new kernels are available, or when reboots are required etc. However our current server seems to not be doing this. On logging in to WHM there are reboot required and new kernel available notifications visible in Security Advisor, but we've received no emails to this effect - meaning that we're currently having to log in to the server daily to check it.

    We have email addresses correctly configured in Contact Manager, with email set to receive notifications of all importances (i.e. high+medium+low). The 'Security Advisor State Change' notification type has an importance of high, so I would expect to be receiving emails.

    We do receive regular 'Excessive number of failed login attempts ...' emails from the server to the email addresses configured in Contact Manager, so I don't think this is a problem with email per-se. It just seems to be Security Advisor (and perhaps some other services, who knows?) that are failing to send messages.

    Any advice would be gratefully received.

    (Are there any logs that I can check to confirm whether an attempt is being made to send by Security Advisor to send notification emails?)

    Thanks in advance.
     
  2. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,262
    Likes Received:
    481
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hello @QubeRoot

    They should be logged to the cPanel error logs at
    Code:
    /usr/local/cpanel/logs/error_log
    And there should be an exim transaction which would be present at
    Code:
    /var/log/exim_mainlog
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. QubeRoot

    QubeRoot Registered

    Joined:
    May 9, 2019
    Messages:
    4
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Thanks for the suggestions @cPanelLauren.

    I've checked /usr/local/cpanel/logs/error_log and can indeed see an entry:

    New Security Advisor notifications with High importance

    This is burried among a number of entries, which all seem to originate from the fix-cpanel-perl script, which is running from cron at the same time

    However, I can see nothing in the Exim log on/since the date of the notification above to suggest that an email was sent (I've grepped on advisor, notification etc to no avail).

    On further inspection of /usr/local/cpanel/logs/error_log, I can see various

    info [queueprocd] chkservd::Notify Notification
    info [queueprocd] cPHulk::Login Notification

    entires corresponding to email notificaitons that were sent (and received), so I would expect to see something similar from Security Advisor, but do not.

    Do you have any idea why Security Advisor might not be sending messages, or suggestions for anything else I might look at to try to debug to problem?
     
  4. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,262
    Likes Received:
    481
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Can you please open a ticket using the link in my signature? Once open please reply with the Ticket ID here so that we can update this thread with the resolution once the ticket is resolved.


    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. QubeRoot

    QubeRoot Registered

    Joined:
    May 9, 2019
    Messages:
    4
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hi @cPanelLauren,
    Unfortunately I can't submit a support ticket at this time. We have some data policy restrictions on the server that prohibit overseas access.
    Can you think of anything else that I might investigate myself? If not, I'm tempted to add a cron script to to the necessary checks and fire off a security advisior email by calling `/scripts/check_security_advice_changes --notify` directly
     
    cPanelLauren likes this.
  6. QubeRoot

    QubeRoot Registered

    Joined:
    May 9, 2019
    Messages:
    4
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hi @cPanelLauren,
    FYI I've added a cron job as above, which seems to be working fine.
     
  7. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,262
    Likes Received:
    481
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @QubeRoot


    I'm glad to hear that the cron is working, thanks for letting us know what you did to solve the issue.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice