The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security precautions before Restoring an account

Discussion in 'Security' started by Rane, Apr 6, 2011.

  1. Rane

    Rane Registered

    Joined:
    Apr 6, 2011
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    51
    We have a number of clients that purchase WHM reseller accounts from us, who then in turn offer web hosting services from them.

    Frequently, our WHM resellers give us a cPanel Backup from one of their customers and ask us to restore it from the WHM main account.

    Since we are somewhat removed from the actual person who made the Backup, we are concerned about possible server compromises by Restoring an unknown Backup file.

    In other words, possible server exploits by running:

    /scripts/restorepkg <user>


    Does anyone take any precautions prior to or after Restoring an unknown Backup?


    Thank you
     
    #1 Rane, Apr 6, 2011
  2. bhd

    bhd Well-Known Member

    Joined:
    Sep 20, 2003
    Messages:
    149
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    JNB ZA
    cPanel Access Level:
    Root Administrator
    You referring to a backup that was created on a different cPanel server to your own servers I presume. We have never been asked by on of our resellers to do that, but I must say, I would be cautious. What I would probably do is to google the domain(s) in the archive to see if there are any reports of malware, viruses etc being reported in the last few months and also the basics like who owns the domain, when it was registered, what kind of site it is, check cached pages etc.

    For example if the domain being restored is hackersRus.TLD I wouldn't touch it. (Wouldn't host it either).

    (I would also want to know who the previous host was and what version of cPanel they were running)
     
    #2 bhd, Apr 8, 2011
(You must log in or sign up to post here.)
Loading...
Similar Threads - Security precautions before
  1. Spork Schivago

    ModSec shows security scanner scanning 127.0.0.1

    Spork Schivago, Jun 21, 2017 at 11:01 AM, in forum: Security
    Replies:
    13
    Views:
    114
    fuzzylogic
    Jun 24, 2017 at 5:33 PM
  2. Rockforduk

    Modsecurity & Comodo WAF

    Rockforduk, Jun 16, 2017, in forum: Security
    Replies:
    3
    Views:
    79
    fuzzylogic
    Jun 16, 2017
  3. Dansih

    warning email () has been disabled for security reasons

    Dansih, Jun 13, 2017, in forum: E-mail Discussions
    Replies:
    3
    Views:
    63
    webhostuk
    Jun 15, 2017
  4. Keith007

    EA4 Mod security Fails

    Keith007, Jun 12, 2017, in forum: EasyApache
    Replies:
    3
    Views:
    64
    cPanelMichael
    Jun 13, 2017
  5. albatroz

    black, gray and white box security testing tools for web application testing

    albatroz, Jun 12, 2017, in forum: Security
    Replies:
    1
    Views:
    43
    cPanelMichael
    Jun 13, 2017

Share This Page