The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Site keeps getting hacked

Discussion in 'General Discussion' started by CamronFry, Apr 7, 2005.

  1. CamronFry

    CamronFry BANNED

    Joined:
    Jan 1, 2005
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    0
    I have a site that keeps getting hacked, in the /var/log/secure I see:
    Apr 7 00:07:43 server126 Cp-Wrap[15356]: Pushing "32035 CHECKDB black_phpb1" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32035


    How is someone able to run cp-wrap remotely?
     
  2. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    You can stopp hackers and spammers from using your server for their games and such by applying security patches and related programs. PM me if you need help!
     
  3. gorilla

    gorilla Well-Known Member

    Joined:
    Feb 3, 2004
    Messages:
    699
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Sydney / Australia
    have you installed mod_security and upgraded your phpbb2 forum to 2.0.13 ?
     
  4. hostultra

    hostultra Well-Known Member

    Joined:
    Aug 21, 2002
    Messages:
    167
    Likes Received:
    0
    Trophy Points:
    16
    That message is not your problem.
    cp-wrap just means a script running from a logged in cpanel user.

    The problem is how they logged into the cpanel in the first place.
    Probably your using the same mysql password as your cpanel and the hacker is reading your config.php to get the password.
     
Loading...

Share This Page