Looking for an exploited site
Hello.
I got an abuse alert, which "something" on my cpanel server is trying a brute force against a WordPress site...
Cool: I have the target IP and host, I have few hundereds of log lines, and I guess that the responsible is one of about 300 different WordPress sites which are hosted on my server.
The question is: where can I look to understand what's the exploited site who is trying the attack?!
-
First thing to check is the output of px auxf and see if htere are rogue processes running and who owns them. Their names are usually misleading, but if you know what is supposed to be there they should stand out. They will also usually have long processor times attached to them. 0 -
Hello @Remitur, You can find discussion of this topic on the following thread: Thank you. 0
Please sign in to leave a comment.
Comments
2 comments