Search found 1 match
- 13 Feb 2024, 01:41
- Forum: General Discussion (csf)
- Topic: Suspicious Process /wflogs/
- Replies: 0
- Views: 3338
Suspicious Process /wflogs/
I’m getting a number of emails from CSF for “Suspicious process running under user ____” for Wordfence logs. Command Line (often faked in exploits): php-fpm: pool website_url Files open by the process (if any): /dev/null /tmp/.ZendSem.NCrsJg (deleted) /home/server/public_html/website_url/wp-content/...