Hello, Today couple of websites on my server were redirecting to some other website, after investigating the issue I have noticed that some one have modified the .htaccess file which was redirecting to some other website. I have also noticed that Last Login IP in cpanel was totally different IP then mine. Can anybody please tell me why this was happened i am running APF Firewall on cpanel/whm server, I have also installed Mod_security. I Would appreciate if some one will help me fixing this security threat. -Regards.
No Password was a real hard one I mean combination of $%)(_122 it was 100% Secure, so its not the reason that password was easy one.
Have you checked your log files to see if anything malicious was uploaded / executed? Have you secured your /tmp directory? Have you disabled insecure PHP functions?