Skip to main content

How to prevent Local Relay CMS exploit efficiently ?

hoststage
Hello, It appears that we notice an drastic increase of local relay PHP mailing from out dated CMS installation or vulnerable plugins on a few servers. We receive the alerts in real time and we are taking actions but how to prevent it from happening ? Would CXS stop these exploits ? Or is there a fine cpanel security tuning that could block such script ? (don't think so) I thought OSWAP would include such protection but apparently, it doesn't. After readind many threads, no solution has ever been found to my knowledge so if this thread could close the issue once and for all, i believe it would be useful for a handful amount of cPanel users. We ran a few campaigns to sensibilize about the criticity to update CMS as well. Cheers Vincent

Comments

1 comment

Date Votes
  • cPanelMichael
    Hello, For PHP scripts, you could add "mail" to the disable_functions line in your PHP configuration file. The following document may also be helpful:
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post