Hi,
We just moved to new server (centos -> cloudlinux) both are/were whm/cpanel.
I have 4 big sites that all share access to a generic Geogrpahy database that converts ip addresses to locale, among other things.
I have always had an anonymous user with select privileges to this db set up so any site I program that needs access to it automatically can. This is not a public server we only host for our clients and we are the developers of all sites on the server.
The new server has only been up for two days, and I just found out at 3am that last night around 11:35pm central time an email came in from security advisor stating that: The system’s core libraries or services have been updated. Reboot the server to ensure the system benefits from these updates.
Now, I'm not 100% sure this is related, but at 11:34pm the 4 sites that all require access to this DB went down. I didn't know about it for hours. This means the clients don't know yet, maybe they wont but they might know and I'll hear about it in the morning.
The thing is, is that SA had previously been "warning" me about an anonymous mysql user and provided me a command to run to get rid of it. Obviously I ignored this because its a SELECT perms only on a "public info" database so it was not a concern. After logging in, SA no longer warns me about the anonymous use because the reason all the sites went down was because the access to the database via that permission had been removed.
Why would this new server just take it upon itself to just remove stuff without my input? My old versions of cPanel hosted servers never had an issue or went rouge and did things to sabotage my sites without me doing that manually. I know this had to be done automatically since the server logs show no one else but me has signed into the server over the past 24+ hours.
Anyone have any clue why this would do such a thing? and how to make it not take it upon itself to attempt to be my AI overlord thand act as if it knows better than me in the future?
We just moved to new server (centos -> cloudlinux) both are/were whm/cpanel.
I have 4 big sites that all share access to a generic Geogrpahy database that converts ip addresses to locale, among other things.
I have always had an anonymous user with select privileges to this db set up so any site I program that needs access to it automatically can. This is not a public server we only host for our clients and we are the developers of all sites on the server.
The new server has only been up for two days, and I just found out at 3am that last night around 11:35pm central time an email came in from security advisor stating that: The system’s core libraries or services have been updated. Reboot the server to ensure the system benefits from these updates.
Now, I'm not 100% sure this is related, but at 11:34pm the 4 sites that all require access to this DB went down. I didn't know about it for hours. This means the clients don't know yet, maybe they wont but they might know and I'll hear about it in the morning.
The thing is, is that SA had previously been "warning" me about an anonymous mysql user and provided me a command to run to get rid of it. Obviously I ignored this because its a SELECT perms only on a "public info" database so it was not a concern. After logging in, SA no longer warns me about the anonymous use because the reason all the sites went down was because the access to the database via that permission had been removed.
Why would this new server just take it upon itself to just remove stuff without my input? My old versions of cPanel hosted servers never had an issue or went rouge and did things to sabotage my sites without me doing that manually. I know this had to be done automatically since the server logs show no one else but me has signed into the server over the past 24+ hours.
Anyone have any clue why this would do such a thing? and how to make it not take it upon itself to attempt to be my AI overlord thand act as if it knows better than me in the future?
Last edited by a moderator:
