API Tokens
|
|
Hi,
I would like to ask about Manage API Tokens.
I found several API Tokens being created in the last few hours.
1. By default, does CPanel create some API Tokens which is needed by the system?
2. I read about the security critical update posted by CPanel and we did the update successfully. However, those API Tokens was created before the CPanel security update. Can I revoke ALL of these API Tokens?
3. If you suspect these API Tokens were created by a hacker or worm/bot, what are the measures I can undertake to ensure the system is not compromise?
Thank you.
-
Hey hey!
1 - Not usually, unless you have a DNS cluster configured with reverse trust.
2 - Yes, I would
3 - I would use the details in our tool at https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026 to see if there is anything detected. Auditing the logs for IP access to root would also not be a bad idea, as that would tell you who accessed the system and potentially who created the key.0 -
Thanks Rex.
I will change all the CPanel account passwords.
How do I check and kick existing FTP sessions if the hacker was already signed in? So that we can prevent him from uploading/downloading files.
0 -
I wouldn't be worried about FTP sessions, but restarting your FTP client should be sufficient to do that.
This is a root-level exploit so the attacker would have much better options available than a user-level FTP connection.
0
Please sign in to leave a comment.
Comments
3 comments