Community forum to discuss cxs.
If you believe that there is a problem with your cxs installation and want support then, as a paid product, you should use the helpdesk after having consulted the documentation.
I have 2 servers with the same configuration, with the same install of cxs.
Server1 is sending admin mails on every issue, like somebody try to upload an infected file or an user add a folder with 777 permissions.
Server2 does not send emails... I did research but can't found the solution... Is there a hidden option to enable/disable admin mails or what?
Questions #1
I get this error when restarting the Watch Dameon:
/etc/init.d/cxswatch restart
Stopping cxswatch daemon:
Starting cxswatch daemon:/etc/init.d/cxswatch: line 44: /etc/cxs/cxswatch sh: Permission denied
So how do I fix this?
Questions #2
I installed ClamAv thru Cpanel or should I uninstall and install it manually. So how or what do I do for Part 6 of the...
Hi Everyone,
I am new to this type of script/software and had a few questions, when installed out of the box and when the cxs Watch Daemon - cxs Watch is running does this automatically scan all files?
If not, how do I set that and what is the command pleasing?
Also, if anyone could post commands for other functions like setting up Cron jobs, etc. would be really helpful.
Hello,
I was installed CXS on cPanel server.
CXS Deleted all files is encoded php.
All files will delete what is harmful and what is not malicious.
example : configuration.php whmcs encoded by phpencode org.
or ...
I have a customer with a 6GB cpanel account that I have had to restore a few times recently. Both times, the server nearly crashed, as the load approached 120! On the 3rd restore, I finally figured out what the problem... it was cxs scanning all the files being restored!
To solve the problem I did the following:
Went to Service Monitor in WHM and temporarily disabled monitoring of cxswatch....
For the past hour I have been flooded with tens of such emails from cxs. In the email it refers to a non existing file on the server,(I believe a bot is searching for exploitable scripts on the domain.) as the upload path ( each different path on each email) and the file does not exist. however cxs states that the file has been quarantined. How is this possible if the hacker cannot upload any...
We've been running into this issue for at least the last year now, and it appears the old post regarding this issue has disappeared, so I figured we would bring it back to your attention.
We run cPanel on all of our servers, we have CXS on about 10-15 of them. Sometimes pure-ftpd will randomly stop functioning for no apparent reason. The process will be running, but trying to connect will...
For some reason I'm constantly getting hit hard from obsmtp dot com which is a Google IP address. One of the matching IP addresses is 68.18.3.39. I want to completely block anything from 64.18.0.0 and on. Would the correct way to input that into my deny config file be like this?
68.18.0.0/32
Update:
I think I was able to get it.
68.18.0.0/16 I believe blocks all from 68.18.*.*
Got an odd problem on the last server you guys set up.
The cxs daily cron will sometimes just hang and prevent the logrotate process from running. I'll notice it when I receive an email that /var is running out of drive space, due to logs growing in size.
If I kill the cxs cron, then logrotate will run. I've noticed this happening about 3 or 4 different times since last december. Just noticed...
Hi Jonathan,
yesterday a hacker managed to ftp to a compromised password on a customer and uploaded a few modified files that he downloaded previously.
All the files are java scripts with the extension .JS, I have checked the code and added the code to the xtra file, using REGALL but CXS is not checking the .js files and the files are not quarantined.
first, cxs is awesome... incredible... like finding REAL NY PIZZA IN GEORGIA USA
--if i could.....
ok, i have a web cam for our studio
we use secure ftp
i have the program uploading a multiple camera single jpg image every 10 seconds
tail:
Jan 5 04:35:45 secure cxswatch : Ignoring file for the next 300 seconds: '/home/user/public_html/directory/thisfile.jpg'
Jan 5 04:42:29 secure cxswatch :...
WARNING: Quarantine disabled - Directory has incorrect permissions , run cxs --qcreate --quarantine /home/quarantine
I have moved the old quarantine directory elsewhere and ran cxs --qcreate --quarantine /home/quarantine but continue to get the error. I have also just tried chmod 0755 on the quarantine directory to no avail.
The last few days we notice that email reports from cxs if reporting a virus now say:
WARNING: Quarantine disabled - Directory missing, run cxs --qcreate --quarantine
WARNING: Quarantine disabled - Directory missing, run cxs --qcreate --quarantine
WARNING: Quarantine disabled - Directory [] has incorrect permissions , run cxs --qcreate --quarantine
I just done the cxs v4.04 update and it broke the Documentation info.
Other Documents
reference.txt install.txt changelog.txt license.txt
cxs POD
Usage: perldoc PageName|ModuleName|ProgramName Examples: perldoc -f PerlFunc perldoc -q FAQKeywords perldoc -v PerlVar The -h option prints more help. Also try perldoc perldoc to get acquainted with the system.
CXS is using over 50% of my dedicated server's CPU. is there a setting to limit it's CPU or resource usage? If not, what third party solution do you recommend? I am happy for this scan to take a lot longer as long as the CPU usage does not go above 20%.
Thanks,
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum