exploit email
Hello,
I have problems with my mail server in cpanel I received information that I have an exploit and to detect it they only gave me the following information
I already checked the webserver logs and the access log but I can't find this information or something sumilar with that date, where can I find this:
=============================================
* IP tpc-044.mach3builders.nl 2023-05-28T16:38:20+02:00 IP - - [28/May/2023:16:38:11 +0200] "GET /wp-login .php HTTP/1.1" 301 507 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96" [Virtual Host:
-
This is not a cPanel issue, it is a WordPress exploit issue. For assistance, you will need to either contact your host, use a security service (i.e. Securi, etc.) to automatically clean the infection or hire a competent server admin to manually clean the account for you. 0 -
Hello, thank you very much for your answer, how can I detect which is the account since it is a shared environment server and the antispam agent that gives us the information does not give us much detail on how to identify the source of the exploit to remove it. 0 -
This is an instance where a product like Imunify360 would help. 0
Please sign in to leave a comment.
Comments
3 comments