Skip to main content

Outgoing attack from my server

Comments

2 comments

  • cPRex Jurassic Moderator

    Hey there!  This wouldn't be related to cPanel so our advice is a bit limited, but it sounds like some account or user on the server is compromised in some way.  It may be a good idea to review our guide here for more details:

    https://support.cpanel.net/hc/en-us/articles/1500000479142-How-Site-Compromises-Happen

    You could try reviewing the domlogs on the server to see if you can correlate a specific users' action with the timestamp the provider gave you of the attack.  If the issue is ongoing you could use networking tools like tcpdump (https://www.tcpdump.org/) to watch network traffic and see if that provides more information about where the connection is coming from.

    0
  • Jesus Flores

    Hello @cPRex, thank you, we will be following you recommendations and give feedback, regards.

    0

Please sign in to leave a comment.