Collaborate Disseminate
The above screenshot is from my website’s cpanel visitors list.My website is build on wordpress. And I think someone is trying hard to crack open my website with DDOS attack and drain out my 10gb bandwidth in single night…. Continue reading Protect WordPress against ddos attack
The Exim mail transfer agent (MTA) is impacted by a critical vulnerability that may allow local or unauthenticated remote attackers to execute programs with root privileges on the underlying system. About Exim Exim is the most widely used MTA today and… Continue reading Critical Exim flaw opens servers to remote code execution, patch now!
A cPanel server I help maintain was running slowly and I have found a process using up a lot of memory. On investigation that file is in a .DS_Store folder in one of the cPanel sites. There are a number of shell scripts one w… Continue reading Server hacked unknown script identification [on hold]
Processes with arrows are from same cpanel account let say “charlie”
This account was under control of client.
Last week this server got blacklisted on emails because client run some perl script to send spam emails. (First … Continue reading Executing perl scripts without actual file on a cpanel account
I learned to access some website admin panels with SQL injection and redirect bypass method. (Blocking 302 redirect via browser extension)
But I saw someone accessing popular website admin panels using different ways. (They … Continue reading Is there are another way to access victim website admin panel without sql injection or redirect bypass? [on hold]
I am seeing php files showing up in multiple directories with random names that have code like this: https://pastebin.com/Baus2eCV which de-obfuscates to
“`
<?php
$dpxohll = ‘u6\’3s_ekb5r#7g-i8p1fa4ntcdx2oymlvH*09’;
$mx… Continue reading Randomly-named .php files with malicious code
I am seeing php files showing up in multiple directories with random names that have code like this: https://pastebin.com/Baus2eCV which de-obfuscates to
“`
<?php
$dpxohll = ‘u6\’3s_ekb5r#7g-i8p1fa4ntcdx2oymlvH*09’;
$mx… Continue reading Randomly-named .php files with malicious code
The cPanel on my website is being hacked, and I am not sure that the setup my host provides is totally secure. The hack works by intercepting my login. Will an SSL certificate prevent this? If it will, then it would be a lot … Continue reading Will an SSL certificate prevent cPanel hacks?
For some reason my Notepad++ can’t connect via SFTP since yesterday so I was thinking about editing my site via CPanel file manager which has HTTPS.
I never thought about editing my site in this way, so I’m wondering if it’… Continue reading How safe is it to edit PHP files in Web browser via CPanel?
When you add a new domain in some hostings (i.e. 000webhost or some other hostings, which DOESNT USE cPanel) an entirely separate public_html is created (with a separate FTP login and etc..).
But with cPanel, all “addon doma… Continue reading How to separate and secure domains using cPanel?