ukhost4u

Active Member
PartnerNOC
Apr 24, 2003
42
0
156
Hello.

We are currently having problems on a number of server's with the WGET command. What seems to be happening is a hacked script is being called on a customers web site (Normally a wordpress or Joomla site) and its calling the wget command and opening thousands of WGET processes.

This is then causing our server to max out its port speed and make it unresponsive. The issue I am having is that the request only seems to last for a couple of mins, so by the time we get access to the server the command is gone and the problem has stopped.

Has anyone else had this problem and if so how have you worked around this? As this has effected a couple of our cPanel servers I don't think this will be limited to us.

Any help would be great as Mod Security and CSF are doing nothing for this.
 

arunsv84

Well-Known Member
Oct 20, 2008
372
1
68
127.0.0.1
cPanel Access Level
Root Administrator
As a temporary workaround can you try removing wget from server ?