Suspicious process running under user

Nov 3, 2018
9
1
3
Netherlands
cPanel Access Level
Root Administrator
Is there a way I could ignore the "Suspicious process running under user" for...

/home/virtfs/username/opt/cpanel/ea-php72/root/usr/bin/php-cgi
/opt/cpanel/ea-php72/root/usr/bin/php-cgi

...via ConfigServer Security & Firewall -> "csf.pignore, Process Tracking"...

...without using php72?

I would like to ignore the php-cgi for all (current and future) PHP versions, and would like to prevent having to modify the line each PHP upgrade.
 

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
7,995
645
263
Houston
cPanel Access Level
DataCenter Provider
I know that pignore will ignore wildcards at the end of the string - for example: Process Tracking and csf.pignore - ConfigServer Community Forum

But for this you'd need to ignore something like /opt/cpanel/ea-php*/root/usr/bin/php-cgi

You might give it a shot - you could also check in with them on their forums as well.