cPanel Update Email Question
Hello,
I got this email from my server today evening. I did not login to my server since afternoon. Is this something i should be worried about?
----------------------------------------------------------------------------------------------------
=> Log opened from cPanel Update (upcp) - Slave (30544) at Thu Oct 15 01:20:02 2015
[ Snipped]
-
No need to post that entire log to your post. That's a cPanel updates email alerting you that it ran last night. You'll get one every day when updates runs. 0 -
No need to post that entire log to your post. That's a cPanel updates email alerting you that it ran last night. You'll get one every day when updates runs.
Thank you Infopro, Additionally, i got this message at night :| -------------------------------------------------------------------------------------------------------------------------- A device at the "xx.xxx.xx.xxx" IP address has made a large number of invalid login attempts against the account "admin". This brute force attempt has exceeded the maximum number of failed login attempts that the system allows. For security purposes, the system has temporarily blocked this IP address in order to prevent further attempts. Service: sshd Remote IP Address: xx.xxx.xx.xxx Authentication Database: system Username: xxxx Number of authentication failures: 30 Maximum number allowed: 30 ------------------------------------------------------------------------------------------- This seems to worry me a bit. If this is a threat, please let me know how to take any precaution measure. Thanks!0 -
That's from cPHulk. You'll find settings for this in your WHM. cPHulk Brute Force Protection - Documentation - cPanel Documentation That particular email mentions SSH. Assuming you've not done anything with that yet, you'll want to move SSH to another port for security reasons. [Tutorial] Interested in increasing the security of your server? Read this. (sshd hardening) 0
Please sign in to leave a comment.
Comments
3 comments