security

Hi All, I recently used the WordPress toolkit for the first time and activated all the security measures. Unfortunately the setting "Restrict access to files and directories" breaks my Wordfence security. I believe this is the setting breaking my WordFence security. It says it can't be...

Team, I used security headers (Analyse your HTTP response headers) to get my header to a green status. I checked my website and now my headers are all red like they have been reset. I have not made any changes to my cpanel server or my htaccess file. Has anyone ran into an issue like this...

Hello, Can cPHulk provide protection against Brute force logins for web serves like apache, nginx, litespeed?

Hello, Currently, we have about 10 VPSs running CentOS 7.x. All are similar in design and software. But, on a group of older servers, as Security Advisor starts to run, it is stalled at the following... Cpanel::Security::Advisor::Assessors::Apache 1.04 Nothing in the error logs (Cpanel or...

Trying to stop the onslaught of microsoft azure bots. I have a script that stops the amazon ones in csf but can't find one for the microsoft flavor. Also wondering if there is a third party provider that does this for the microsoft bots integrated into mod_security. Any advise appreciated.

Hello, Here another "Security Questions" story :) I just took almost 2 hours to figure out why I got an error during cPanel Account Transfer between remote servers. Common check for troubleshooting : The TCP ports 2083/2087 was opened in CSF. Tried to temporarily disabling Imunify360/CSF...

cPanel v94 on Alma 8. Out of the box, the cPanel jailshell environment doesn't include the files under /etc/crypto-policies. This breaks crypto-policies(7) and can cause unexpected/undesired behavior across various processes (kerberos, (lib)openssh, (lib)openssl, etc). As one example that...

Hi an thank you for reading. ISSUE: Several open tabs, each with different domain, times-out to "The security token in your request is invalid." and need to login again. PROCESS: (can be repeated) Open WHM in Chrome In WHM, choose domain X and click CP (Cpanel). Domain X opens in new tab...

Security Advisor page does not load after cPanel updated to 102.0.7

Hi - I've had a few instances in which clients have other apps installed in subdirectories in public_html and, after applying security measures, those are no longer accessible. a 404 error is returned. In two cases, the last security measure to be applied is, "Restrict access to files and...

Hello I was wondering how secure the cgi-bin directory is. I need to read a Google spreadsheet and display some of its contents on a webpage. This means I need to have login credentials in a script inside of the cgi-bin directory. Since this is in the public_html/cgi-bin directory, does this...

A KernelCare update is available. You must take one of the following actions to ensure the system is up-to-date: Patch the kernel (run “kcarectl --update” on the command line). Update the system (run “yum -y update” on the command line), and reboot the system. not sure where to post the...

Hi, Just wondering about token access. We have a site on the server that a 3rd party wants access to via an API token. The token key will be stored in plain text on a config fiile in the sites public folder. I am aware that i can create a token in the accounts cpanel, and also within WHM. I...

I have reported this to cPanel support and wanting to create a thread here so that I can follow it. Re: Not receiving "New Security Advisor notifications" After checking, I was able to get a Security Advisor state change notification 'sent' by briefly making a change that would warrant the...

I'm running the ImmunifyAV WHM plugin and have been for a while. Yesterday it scanned all my accounts in /home*/* and found a number of infected files. These are all in /home/user/.quarantine. They were easy to delete and subsequent manual scans showed clean. My question is: what application...

Hello we have noticed that when a customer clicks on a malware email, one type of malware installs in their computers and then send email/pass credentials to hacker, then at any given time hacker will send out spam with the credentials We have noticed that when they steal email/pass they also...

Hello. Anyone have experience using grype security scanner? Pretty easy to use and fast. Report a lot of vulnerabilities that other scanners do not: https://github.com/anchore/grype

cPanel TSR-2021-0006 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated...

Hello team I have an issue when creating an account it gives me this error "The system failed to connect a UNIX domain socket to “/var/cpanel/dnsadmin/sock” because of an error: Connection refused" And I have noticed all services status in PENDING I have tried to restart DNS admin using this...

Hello. I normally receive updates on files not matching md5sums and check if it was the result of an update. But today I received a list of updated files the likes of the following: [2021-11-01 22:39:31 -0400] [/usr/local/cpanel/bin/dcpumon] Loading Symbol Table...