In both Horde and RoundCube the default mode for writting emails is plain text and not HTML. To enable HTML we need to edit one file for each program. RoundCube For roundcube on cPanel the file to be edited is:...
Here is how to check MySQL databases for malware: Open up PHPMyAdminLook for anything ‘weird’ It’s that simple. What’s ‘weird’ you ask? Well, anything that’s ‘not supposed to be in the database’...
The two most frequently used storage methods for email server side are mbox and maildir. The mbox format is older and much less common, since its basically putting all your eggs in one basket. A single database file stores all of the...
![suexec 736x491 - ⚠️ ERROR [ModSecurity] unknown server variable while parsing: MULTIPART_STRICT_ERROR](https://pcx3.com/wp-content/uploads/2021/02/suexec-736x491.png "⚠️ ERROR [ModSecurity] unknown server variable while parsing: MULTIPART_STRICT_ERROR")
After installing LiteSpeed in our server, new uploads in WordPress websites (wp-content/uploads directory) are showing “nobody” permissions. If switched back to Apache, uploads work fine and are uploaded under the correct user. Error log...
During a rutine malware cleanup a file named hax.html caught my attention. On the outside the file was a simple “you’re hacked page” that looked like this: 407 Authentic Exploit Shell But with a POST method sent to it a nice little...
If you receive the following error message in the /var/log/messages file while restarting the pure-ftpd service, the problem is in the ftp configuration file at /etc/pure-ftpd.conf pure-ftpd: (?@?) [ERROR] Configuration error: Illegal load limit: 0...
Back in December 2020, cPanel introduced the Welcome panel for new cPanel accounts in the cPanel version 94. This feature by default shows Creating an email and Site Publisher sections. If you have the Site Publisher option disabled globally in WHM...
During a regular anaysis of a WordPress website for a new user I’ve noticed a file named wp-blogs.php in the public_html folder. As an experienced WordPress user, the name itself drew attention, as I do not recall ever seeing a file called wp...
A few weeks ago I was approached by a friend of mine, complaining about high load and CPU usage on one of his shared hosting servers (DELL) running CentOS 7, CloudLinux and cPanel. I was more than happy to take a look, and after a couple of minutes...
WSO (web shell by oRb) is a simple and easy to use tool for any would-be hacker to learn and use. WSO 2.6 Shell This shell allows an attacker to perform the following actions: View detailed server informationFile management (uploading, downloading...