sajithgsm

Active Member
Jun 9, 2020
31
8
83
Sri Lanka
cPanel Access Level
Root Administrator
Dear Team,

I'm getting sometimes these types of emails.


Subject: lfd on xxx.xxxxxx.com: Suspicious File Alert

Body:
Time: Mon Jun 14 00:05:05 2021 +0530
File: /tmp/lshttpd/bak_core/core.31025
Reason: Linux Binary
Owner: nobody:nobody (99:99)
Action: No action taken


I will delete that files from the terminal when I get such an email. I wanted to know, what are the reasons for generating such big files on the /tmp folder?
 

ZenHostingTravis

Well-Known Member
PartnerNOC
May 22, 2020
275
95
28
Australia
cPanel Access Level
Root Administrator
Hi @sajithgsm,

I'm not in a place to answer your question but the following post addresses how you can make changes so the files are not stored in /tmp/.


Please make a backup of any important file(s) before making any changes.

Better to be safe than sorry.

Hope that helps!
 

cPJustinD

Administrator
Staff member
Jan 12, 2021
286
51
103
Houston
cPanel Access Level
Root Administrator
Hello sajithgsm! Our analysts may need to look at what is being stored in /tmp to properly verify what is occurring. I think it would be best to open a support ticket so that our analysts can review the issue more thoroughly and determine what exactly is occurring. You can submit a support request using the "Submit a ticket" link in my signature below.

Please be sure to link this thread when opening the ticket and provide the ticket number here so that we can track the issue appropriately. If possible, please post the resolution on this thread as it may help other community members with similar issues.