uk01
- Total activity 282
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 0
- Subscriptions 68
Activity overview
Latest activity by uk01-
uk01 created a post,
Blank Php files
We’ve had cpanel backups running for years, no issues. We now have an issue on one server, the others are ok. Php files on the backup appear blank, after we reset the folder they were ok until mo...
-
uk01 commented,
Ps the dns only server has reverse trust connection as the servers are in the dns cluster.
-
uk01 commented,
Yes, we get root login alerts from the dns only server to whostmgrd (whm) I remember them a while back but it’s now almost every day, however the timings seem very consistent. We restrict by ip a...
-
uk01 created a post,
Root login from dnsonly
Is it normal to see regular root logins from a dnsonly server to whm? It has reverse trust as part of the dns cluster. Used to see this occasionally but this week it’s started doing it more regular...
-
uk01 commented,
Yes it’s strange. The only user is me and the Mac has no malware. The only explanation is that they accessed cpanel using files uploaded through a plugin vulnerability. I’m told that’s not possibl...
-
uk01 commented,
Just to confirm the reset password function is turned off and the contact email wasn’t changed
-
uk01 commented,
I’ll check that out. Possibly! We’ve also established from the logs that they targeted a specific sub domain with a Wordpress website. There’s logs of a malicious file test123Cp and a shell based s...
-
uk01 created a post,
Cpanel hacked
Hi, one of our accounts was compromised today. The hacker got into a cpanel account and set up 100s of email addresses then sent out 2000 emails. Unfortunately the account was our own and not a cu...
-
uk01 commented,
That rings a bell, I remember, it does 👍
-
uk01 commented,
You’re welcome. NFS has probably improved since we used it too. If I remember right, with nfs you just have to be careful with ownership / permissions on the remote files when backing up cpanel users