Hello.
We are currently having problems on a number of server's with the WGET command. What seems to be happening is a hacked script is being called on a customers web site (Normally a wordpress or Joomla site) and its calling the wget command and opening thousands of WGET processes.
This is then causing our server to max out its port speed and make it unresponsive. The issue I am having is that the request only seems to last for a couple of mins, so by the time we get access to the server the command is gone and the problem has stopped.
Has anyone else had this problem and if so how have you worked around this? As this has effected a couple of our cPanel servers I don't think this will be limited to us.
Any help would be great as Mod Security and CSF are doing nothing for this.
We are currently having problems on a number of server's with the WGET command. What seems to be happening is a hacked script is being called on a customers web site (Normally a wordpress or Joomla site) and its calling the wget command and opening thousands of WGET processes.
This is then causing our server to max out its port speed and make it unresponsive. The issue I am having is that the request only seems to last for a couple of mins, so by the time we get access to the server the command is gone and the problem has stopped.
Has anyone else had this problem and if so how have you worked around this? As this has effected a couple of our cPanel servers I don't think this will be limited to us.
Any help would be great as Mod Security and CSF are doing nothing for this.
