We are currently experiencing a higher than usual ticket volume, and as a result there may be delays before we can reply to your ticket.
Please feel free to reference the information available in our Forums, Documentation, and Knowledge Base in the meantime.

Skip to main content

Suspicious File Alert Email

Zachary Karr
  • Updated

Question

What are the Suspicious File Alert emails that I receive with content such as the following?

 

lfd on server.hostname.tld: Suspicious File Alert

Time:   <Time>

File:   /tmp/file.ext

Reason: Script, file extension

Owner:  user:user (1001:1003)

Action: No action taken

Answer

These emails are generated by the CSF/LFD plugin for cPanel. Please note that cPanel does not develop or provide support for this plugin.

The messages are alerting you of a file that has matched known or suspected malware. The specific reason will be listed in the message, as well as the file location and the action that LFD performed on the file.

cPanel does not offer any advice on security-related issues. If these files are suspected malware it is best to consult a security administrator. Virus scans such as ImunifyAV and ClamAV can be used to check the server, but these will often have different rules they match and may not have the same results as LFD.

 

 

Related articles

Comments

0 comments

Article is closed for comments.