Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Site keeps getting hacked

Discussion in 'General Discussion' started by CamronFry, Apr 7, 2005.

  1. CamronFry

    CamronFry BANNED

    Joined:
    Jan 1, 2005
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    156
    I have a site that keeps getting hacked, in the /var/log/secure I see:
    Apr 7 00:07:43 server126 Cp-Wrap[15356]: Pushing "32035 CHECKDB black_phpb1" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32035


    How is someone able to run cp-wrap remotely?
     
  2. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    4
    Trophy Points:
    193
    Location:
    Minneapolis, MN
    You can stopp hackers and spammers from using your server for their games and such by applying security patches and related programs. PM me if you need help!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. gorilla

    gorilla Well-Known Member

    Joined:
    Feb 3, 2004
    Messages:
    695
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Sydney / Australia
    have you installed mod_security and upgraded your phpbb2 forum to 2.0.13 ?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. hostultra

    hostultra Well-Known Member

    Joined:
    Aug 21, 2002
    Messages:
    167
    Likes Received:
    0
    Trophy Points:
    166
    That message is not your problem.
    cp-wrap just means a script running from a logged in cpanel user.

    The problem is how they logged into the cpanel in the first place.
    Probably your using the same mysql password as your cpanel and the hacker is reading your config.php to get the password.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice