Skip to main content
We are aware of an issue with a recent Apache update that causes proxied sites to return a "421 Misdirected Request" error. Please see the following article for more information and updates:
Websites show 421 Misdirected Request error while using EA Nginx

Suspicious File Alert Email

Zachary Karr
  • Updated

Question

What are the Suspicious File Alert emails that I receive with content such as the following?

lfd on server.hostname.tld: Suspicious File Alert
Time:   <Time>
File:   /tmp/file.ext
Reason: Script, file extension
Owner:  user:user (1001:1003)
Action: No action taken

 

Answer

These emails are generated by the CSF/LFD plugin for cPanel, a third-party developed plugin to help you manage aspects of your server and firewall.

The messages alert you to a file that matches known or suspected malware. The specific reason, file location, and action that LFD performed on the file will be listed in the message.

cPanel does not offer any advice on security-related issues. If these files are suspected malware it is best to consult a security administrator. Virus scans such as ImunifyAV and ClamAV can be used to check the server, but these will often have different rules they match and may not have the same results as LFD.

 

 

Related articles

Comments

0 comments

Article is closed for comments.