New Install - Recurring Alerts
Posted: 25 Apr 2024, 14:42
Hi,
I hope you can help.
We are running new cPanel install on AlmaLinux via Lightsail Instance.
Configuration:
Access to WHM and cPanel is limited to single static IP
SSH port remains as 22
SSH root login disabled
The following services are enabled and working:
MySQL is bound to 127.0.0.1
2-factor authentication for WHM
Security Advisor: all in ‘green’
ImunifyAV: No malware found in scans
ConfigServer: Enabled
cPHulk: Enabled, internal static IP whitelisted
We immediately began getting the following alerts every hour:
Executable: /usr/bin/rpcbind -w -f
File: /tmp/system_update.sh
Reason: Script, file extension
File: /tmp/imgbuild-common.sh
Reason: Script, file extension
File: /tmp/cpinstall.sh
Reason: Script, file extension
File: /tmp/set_up_install_on_boot.sh
Reason: Script, file extension
File: /tmp/clean.sh
Reason: Script, file extension
File: /tmp/watch-install-progress
Reason: Script, starts with #!
File: /tmp/zzz-fix-transient-hostname.sh
Reason: Script, file extension
I’m new to server admin, and neither our platform vendor nor cPanel can assist, can anyone shed any light on whether the above is something to be concerned about.
Thank you for your help.
Kind regards,
James
I hope you can help.
We are running new cPanel install on AlmaLinux via Lightsail Instance.
Configuration:
Access to WHM and cPanel is limited to single static IP
SSH port remains as 22
SSH root login disabled
The following services are enabled and working:
MySQL is bound to 127.0.0.1
2-factor authentication for WHM
Security Advisor: all in ‘green’
ImunifyAV: No malware found in scans
ConfigServer: Enabled
cPHulk: Enabled, internal static IP whitelisted
We immediately began getting the following alerts every hour:
Executable: /usr/bin/rpcbind -w -f
File: /tmp/system_update.sh
Reason: Script, file extension
File: /tmp/imgbuild-common.sh
Reason: Script, file extension
File: /tmp/cpinstall.sh
Reason: Script, file extension
File: /tmp/set_up_install_on_boot.sh
Reason: Script, file extension
File: /tmp/clean.sh
Reason: Script, file extension
File: /tmp/watch-install-progress
Reason: Script, starts with #!
File: /tmp/zzz-fix-transient-hostname.sh
Reason: Script, file extension
I’m new to server admin, and neither our platform vendor nor cPanel can assist, can anyone shed any light on whether the above is something to be concerned about.
Thank you for your help.
Kind regards,
James