CPanel

From Indie IT Wiki
Jump to: navigation, search

HOWTO: Deal With Web Site Hack

Log in to the WHM Control Panel for your server.

1. Suspend the web site...

Home » Account Functions » Manage Account Suspension » Choose Account » Suspend

2. Clear the mail queue...

Home » Email » Mail Queue Manager » Delete All

3. Stop the Email and Web Server software...

Home » System Health » Process Manager » Kill all processes by user: [dovecot,dovenull,mailnull,nobody]

4. Run the Malware detection software on the web site directory of the user account...

maldet --scan-all /home/user/www/

5. Clean the infected files...

maldet --quarantine SCANID

6. Run the Malware detection software AGAIN on the same account...

maldet --scan-all /home/user/www/

HOWTO: Control cPHulk HULK Brute Force Protection

Stop + Disable

/usr/local/cpanel/etc/init/stopcphulkd
/usr/local/cpanel/bin/cphulk_pam_ctl --disable

Log Files

/usr/local/cpanel/logs/cphulkd.log
/usr/local/cpanel/logs/cphulkd_errors.log

Thanks - https://documentation.cpanel.net/display/ALD/cPHulk+Brute+Force+Protection