Suspicious File Alert

Tripolis · Jan 12, 2014

Hey,
some mails about "Suspicious File Alert" have arrived.

I know what it is but the message comes.
/tmp/

Is there a problem to delete all files in /tmp/ ?
A cronjob can by handle this automatical?

Regards

carlosbss · Jan 12, 2014

It could be a probl as it deletes session files and probably some temp files for programs running. But you could make a cron to delete all .zip, .php and so on.

Tripolis · Jan 12, 2014

Okay, but programms ( website ) use there own cache i thought.
Many folders in there.

ThinIce · Jan 13, 2014

If the file is actually malicious, it would be good to discover via which account it is being uploaded and close any scripting vulnerability or compromise allowing the upload. Is your tmp mounted in a "secure" fashion?

Many php scripts will just use the values set by php for session.save_path and upload_tmp_dir unless they have been configued to use areas within the account itself.

cPanelMichael · Jan 13, 2014

Hello

This message is from your third-party LFD application. You can find a similar thread at:

Suspicious File - Tracking Where It's From

Thank you.

Thread starter	Similar threads	Forum	Replies	Date
	Suspicious File Alert	Security	2	Jun 14, 2021
R	lfd Suspicious File Alert after Acronis installation	Security	3	Nov 20, 2019
S	SOLVED lfd on Suspicious File Alert /tmp/.cpan/build/Scalar-List-Utils*	Security	3	Jan 31, 2019
E	Suspicious File Alert	Security	1	Nov 13, 2018
N	Suspicious File Alert	Security	2	Oct 30, 2018

Search

Search

Suspicious File Alert

Tripolis

Active Member

carlosbss

Member

Tripolis

Active Member

ThinIce

Well-Known Member

cPanelMichael

Administrator