Notification when an account is suspect of being compromised
As a Hosting Provider, I want to be notified when an account is suspect of being compromised, so that I can quickly take steps to fix the situation.
Often there are indicators in the SSH mail and other logs that clearly indicate an attack is underway. While tools such as the free third party utility ConfigServer Security & Firewall exist to proactively combat these issues including by means of monitoring logs for suspicious activity and preemptively banning such IPs again the servers are outside the control of the Partner NOC so such proactive measures are deemed impractical since these are unmanaged servers.
This is a feature that has been migrated over from the cPanel Forums. All previous comments and discussions concerning this feature can be located at:
http://forums.cpanel.net/f145/reactive-security-measures-190841.html
Replies have been locked on this page!