CPanel

From Indie IT Wiki

HOWTO: Deal With Web Site Hack

Log in to the WHM Control Panel for your server.

1. Suspend the web site... 

Home » Account Functions » Manage Account Suspension » Choose Account » Suspend

2. Clear the mail queue... 

Home » Email » Mail Queue Manager » Delete All

3. Stop the Email and Web Server software... 

Home » System Health » Process Manager » Kill all processes by user: [dovecot,dovenull,mailnull,nobody]

4. Run the Malware detection software on the web site directory of the user account... 

maldet --scan-all /home/user/www/

5. Clean the infected files... 

maldet --quarantine SCANID

6. Run the Malware detection software AGAIN on the same account... 

maldet --scan-all /home/user/www/

HOWTO: Control cPHulk HULK Brute Force Protection

Stop + Disable 

/usr/local/cpanel/etc/init/stopcphulkd
/usr/local/cpanel/bin/cphulk_pam_ctl --disable

Log Files 

/usr/local/cpanel/logs/cphulkd.log
/usr/local/cpanel/logs/cphulkd_errors.log

Thanks - https://documentation.cpanel.net/display/ALD/cPHulk+Brute+Force+Protection

Retrieved from ‘https://wiki.indie-it.com/index.php?title=CPanel&oldid=469