Suspicious File Alert

Tripolis

• January 12, 2014 06:57

Hey, some mails about "Suspicious File Alert" have arrived. I know what it is but the message comes. /tmp/ Is there a problem to delete all files in /tmp/ ? A cronjob can by handle this automatical? Regards

• 

  carlosbss

  • January 12, 2014 14:23

  It could be a probl as it deletes session files and probably some temp files for programs running. But you could make a cron to delete all .zip, .php and so on.

  0
• 

  Tripolis

  • January 12, 2014 16:42

  Okay, but programms ( website ) use there own cache i thought. Many folders in there.

  0
• 

  ThinIce

  • January 13, 2014 08:03

  If the file is actually malicious, it would be good to discover via which account it is being uploaded and close any scripting vulnerability or compromise allowing the upload. Is your tmp mounted in a "secure" fashion? Many php scripts will just use the values set by php for session.save_path and upload_tmp_dir unless they have been configued to use areas within the account itself.

  0
• 

  cPanelMichael

  • January 13, 2014 13:32

  Hello :) This message is from your third-party LFD application. You can find a similar thread at: Suspicious File - Tracking Where It's From Thank you.

  0

Please sign in to leave a comment.