Rooted Status and cPanel Washing its Hands of Us
So a few months ago we cut a ticket for a problem unrelated to security and cPanel told us that our server was rooted and the only way to move forward was to transfer to a new clean server. There was no reliable way to clean a rooted server.
I don't have an issue with this, what I did take issue with was their immediate abandonment of any support. After being a paying customer for years, we were basically tossed on the raft with some directions and set adrift.
3 months and many thousands later, we are on a new server and I cut a ticket for an PDF not started issue and guess what?
"Thank you for contacting cPanel's software support team. Prior to reviewing this issue further, there are some security concerns on your server that must be addressed by one of our Level 3 analysts.
Due to the nature of the potential anomaly on your system, we must sign out of this server and immediately escalate your issue to one of our Level 3 Analysts for further review. This process is in place to ensure that you are informed about this critical information and to help protect the integrity of your data."
We scanned every file in the transfers and scanned again with Imunify360 on the new server. We ca't figure out how we might have gotten rooted, nor will cPanel tell us anything.
As a small business serving the firefighting vertical we simply can't afford to go through this again if cPanel washes their hands of us. I get it, I really do, but there has to be a better answer to this than "You are rooted, piss off and good luck.", pArticularly when we are using their system and Imunify360 which are supposed to stop this thing happening.
-
Hey there! Could you post the ticket number here so I can review this? 0 -
we are using their system and Imunify360 which are supposed to stop this thing happening.
Unfortunately, security apps like Imunify360 are not a guarantee your server will not be compromised. There are so many simple ways it can happen, such as an administrator being phished, a 3rd party app being compromised, etc.0 -
Ticket number #95045989 0 -
Unfortunately, security apps like Imunify360 are not a guarantee your server will not be compromised. There are so many simple ways it can happen, such as an administrator being phished, a 3rd party app being compromised, etc.
I hear you, but just being told "move to a clean server" and being refused any other support is unacceptable. We did what we were told and added on other ayers of security and now we are back in the same boat.0 -
Thanks for providing that ticket number. It actually doesn't tell me much because you mentioned this all happened through an older ticket, so I don't have much to add on my end. You also threatened legal action against us through the ticket, so I can't comment and will likely need to lock this thread until that is resolved. 0
Please sign in to leave a comment.
Comments
6 comments