Recommended list of "suspicious processes" to whitelist in csf.pignore?
Hi All,
Lots of people over time have asked questions about the "suspicious process running under user <username>" emails that they repeatedly get from CSF / LFD.
E.g. about an executable like /opt/alt/php80/usr/bin/lsphp
The advice is usually to add it to csf.pignore via the CSF interface in WHM, thereby removing the false positive that this email warning represents.
My question: has anyone attempted to come up with a comprehensive list of cPanel-friendly executables that can safely be added to csf.pignore, including making maximim/optimal use of wildcards?
I'd be very interested in such a list!
Thx.
Please sign in to leave a comment.
Comments
0 comments