Community forum to discuss cxs.
If you believe that there is a problem with your cxs installation and want support then, as a paid product, you should use the helpdesk after having consulted the documentation.
Dears
is it acceptable to submit melecious scripts which has been used in my server (already has cxs) but did not discovered?
this is to add it in your database for future release
if there is any way to submit them, please let me know
Regards
hi
i am using cPanel with php 5.2.17
and cxs is working propebly
but when we update cxs to latest version we see this error when we scan a user
Scan Error [Unmatched [ in regex; marked by <-- HERE in m/<\?php error_reporting\(0\); ini_set\('display_errors', 0\);\@ini_set\('max_execution_time', 0 [ <-- HERE / at /usr/sbin/cxs line 232
We run CXS over all our fleet each week for a full scan, and one server sends dozens of messages towards the end of the scan which are all pretty much the same, only with the addition of an account of two extra having been scanned.
I did notice that this server runs the cxs update via a cron every morning which would make this occur right in the middle of the weekly full scan - could this...
I get the following exploit on a site:
# Known exploit = [PHP Exploit ]
How do I find out more about the exploit? I know that WordPress sites are affected by it and it's the first line of the file, but the various files look different.
What's the signature?
How can I grep for this particular exploit's footprint?
P0358 references the local bayes db I think, or is it a reference to an...
With every account that runs a wordpress blog on our server, I've been getting this, starting around July 2nd.
I thought it might be the wysija plugin that was recently reported to have a security bug, but all of the sites don't have the plugin this refers to.
Still, the IPs these come from are all from suspect countries, so it's not an accident.
Each cxs entry has a different IP listed as the...
I know all about the cxs.xtra file which adds signatures (sort of) to be detected by my installation of CXS, is there a place though to submit files to be added/analysed by ConfigServer to CXS.
I manage a bunch of servers and I come regularly accross files that are not detected by CXS and would love nothing more than to submit them so they are added to the scan engine.
In an old installation of cxs, the cxs daemon cannot longer start cxs (Watch Daemon - cxs Watch is not running), and the message I get is
ERROR: Attempt to restart unknown service cxswatch
I have uninstalled and re-installed cxs but problem still exists. Any ideas what might cause this issue please?
Hi Everyone,
I am currently having issues with spammers gaining access to some of my websites. They are uploading spam scripts but cxs is not detecting them? How can I configure CXS to pick up these new spam scripts as it is causing major issues with regards to my servers getting blacklisted for spam!
We have cxs and configserver running on a server and received the following from abuseeat.org. I am running the latest versions. Any recommend way to track down this script? I have grepped all files in /var/log/ but have found no occurrence of the IP 87.255.51.229 listed. The system runs Apache in ruid2 so php processes are ran at the user level. Is there anything in the latest cxs to cover...
I am BRAND new to cxs. I just installed it and am doing a scan. I found that a clients .htaccess was flagged and quarantined, which is breaking parts of their website. the .htaccess is huge and appears to contain many valid statements... my question is how can i determine if a quarantined item is malicious or a false positive. one particular example shows me this:
I have 2 servers with the same configuration, with the same install of cxs.
Server1 is sending admin mails on every issue, like somebody try to upload an infected file or an user add a folder with 777 permissions.
Server2 does not send emails... I did research but can't found the solution... Is there a hidden option to enable/disable admin mails or what?
Questions #1
I get this error when restarting the Watch Dameon:
/etc/init.d/cxswatch restart
Stopping cxswatch daemon:
Starting cxswatch daemon:/etc/init.d/cxswatch: line 44: /etc/cxs/cxswatch sh: Permission denied
So how do I fix this?
Questions #2
I installed ClamAv thru Cpanel or should I uninstall and install it manually. So how or what do I do for Part 6 of the...
Hi Everyone,
I am new to this type of script/software and had a few questions, when installed out of the box and when the cxs Watch Daemon - cxs Watch is running does this automatically scan all files?
If not, how do I set that and what is the command pleasing?
Also, if anyone could post commands for other functions like setting up Cron jobs, etc. would be really helpful.
Hello,
I was installed CXS on cPanel server.
CXS Deleted all files is encoded php.
All files will delete what is harmful and what is not malicious.
example : configuration.php whmcs encoded by phpencode org.
or ...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum