serious problem of phishing sites

hozyali

Well-Known Member
Jan 24, 2007
It's been several weeks now. My cPanel server is continuously having phishing attacks. My server's SSH port is also different.
I also have a firewall enabled. I also had a server admin who checked, but he could not find the root cause.

I suspend the users, but the phishing comes on another user the next day.

Please help.
 

storminternet

Well-Known Member
Nov 2, 2011
cPanel Access Level
Root Administrator
Generally, phishing scams and injections appear when you run outdated CMSes, applications, or weakly coded scripts. To avoid such issues, you should run updated software, plugins, and themes, and use secure CMS passwords, FTP passwords, etc.

In addition to this, if you use ModSecurity with updated rules, it should avoid such issues.
 

quizknows

Well-Known Member
Oct 20, 2009
cPanel Access Level
DataCenter Provider
Generally, phishing scams and injections appear when you run outdated CMSes, applications, or weakly coded scripts. To avoid such issues, you should run updated software, plugins, and themes, and use secure CMS passwords, FTP passwords, etc.

In addition to this, if you use ModSecurity with updated rules, it should avoid such issues.
All good advice.

Also, are you protected against cross-account symlink attacks? When I see constant phishing on servers that aren't root compromised, it's usually because of a symlink hack used to gain credentials.
 

monarobase

Well-Known Member
PartnerNOC
Jan 26, 2010
France
cPanel Access Level
Root Administrator
Install ConfigServer CXS and put any sites that have been hacked offline. Also look for symlinks in all customers' folders if you are not using CloudLinux+CageFS. If it's a symlink attack, you will have to change all MySQL passwords and implement a solution so symlinks don't allow cross-site access.
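
One way to do the symlink audit suggested in this thread, as an added example that is not part of any poster's reply: the function below lists every symlink inside an account's home directory whose target resolves outside that account. It assumes one home directory per account under a common root (`/home` by default) and GNU `readlink -f`; the function name is hypothetical.

```shell
#!/bin/sh
# Audit helper (added example): report symlinks that leave the owning account.
# Assumption: each account lives in <root>/<user>, e.g. /home/<user>.
# Usage after sourcing this file, as root:  find_cross_account_symlinks /home

find_cross_account_symlinks() {
    root=${1:-/home}
    for home in "$root"/*/; do
        [ -d "$home" ] || continue
        # Canonical path of the account home, so comparisons are like for like.
        home_real=$(cd "$home" && pwd -P) || continue

        # Note: paths containing newlines are not handled by this line-based loop.
        find "$home_real" -xdev -type l 2>/dev/null |
        while IFS= read -r link; do
            # Resolve the full chain of links to an absolute path (GNU readlink).
            target=$(readlink -f -- "$link" 2>/dev/null) ||
                target="(unresolvable) $(readlink -- "$link")"

            case "$target" in
                "$home_real"|"$home_real"/*)
                    ;;  # target stays inside the same account: not reported
                *)
                    # Points at another account, /, /etc, or cannot be resolved.
                    printf '%s -> %s\n' "$link" "$target"
                    ;;
            esac
        done
    done
}
```

Each reported line is `link -> resolved target`; links that point into another account's document root or at its configuration files are the ones to review first.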