Community forum to discuss cxs.
If you believe that there is a problem with your cxs installation and want support then, as a paid product, you should use the helpdesk after having consulted the documentation.
The last few days we notice that email reports from cxs if reporting a virus now say:
WARNING: Quarantine disabled - Directory missing, run cxs --qcreate --quarantine
WARNING: Quarantine disabled - Directory missing, run cxs --qcreate --quarantine
WARNING: Quarantine disabled - Directory [] has incorrect permissions , run cxs --qcreate --quarantine
I just done the cxs v4.04 update and it broke the Documentation info.
Other Documents
reference.txt install.txt changelog.txt license.txt
cxs POD
Usage: perldoc PageName|ModuleName|ProgramName Examples: perldoc -f PerlFunc perldoc -q FAQKeywords perldoc -v PerlVar The -h option prints more help. Also try perldoc perldoc to get acquainted with the system.
NOTE: Support for using suhosin is deprecated and will be removed in
the near future - use ModSecurity instead. If you are unable to use
ModSecurity, you will have to rely on either cxs Watch or manual scans
Does this only apply to scanning of PHP Upload scripts?
What I mean is: I use CXS Watch, and I also use Suhosin. Will CXS Watch stop working for PHP if I keep using Suhosin (in the...
New option added: --defapache . This is the default account
under which apache runs. This will be set to apache by default
except on cPanel servers where it is set to nobody by default
I have a cPanel server. So it is set to nobody by default.
Is there a more secure value rather than nobody or is that value required (and secure as-is)?
I don't fully understand what nobody means and any...
This morning in my logs I noticed the following messages being repeated over and over with random usernames. Any idea what causes this and is it something I should be concerned about?
Oct 22 00:03:01 server6 cxswatch : Adding new cPanel user PR7E2ppU...
Oct 22 00:03:01 server6 cxswatch : Failed to add user PR7E2ppU: Invalid Home directory []
Oct 22 00:03:01 server6 cxswatch : ...done
Oct 22...
I am running CXS on my server and II have setup few WP blog with W3-Total-Cache. I am getting these alerts. Should I be concerned. :confused:
---------------------------------------------------------------------------
# Regular expression match = :
'plugins/w3-total-cache/inc/widget/new_relic.php'
# Regular expression match = :...
Hello
i see following log /var/log/cxswatch.log
how i can ignor this file for CXS?
becuase CXS check this file, so we not need CXS check this file, correct?
I've removed cxs from my server as I'm going to install it on a new one I'm moving to.
Below seems to state that I have to retire the old server before I change to the new server IP. Is that correct? :)
If you are going to retire the server that you initially had cxs licensed for or you have been required to change the server's IP address, then the licensed IP address can be changed. There is...
Hi Everyone
I have a very very critical problem with CXS! Scan the server and the CXS Quarantine many fatal files like index.php and config.php!!!!!!!!!! No idea how to restore these files and I am in a hurry ... so please please response me ASAP
Thanks
I am planning on purchasing the cxs scanner, because previously I was using apache / atomicorp modsec rules but as I shifted to litespeed the modsecurity rules are no longer working. Which is a shame as since using those none of the sites hosted on the server got hacked / defaced.
So now I need a solution and cxs seems somewhat of an answer but it also seems to be dependent on modsec...
I created a cron from the cxs interface to run a scan once a day. When I look at crontab -e under root, I dod not see the entry. Can someone tell me where it is stored?
A CXS scan (via manual Generate Commands) does not find/alert
1. cxs.xtra stuff if it's not in a php file or maybe other script files.
If there is cxs.ztra stuff in a .html file it will not report it.
Even if it's included in a Javascript code.
2. CXS does not report/find a very bad javascript/malware in index.html while all other
free website scanners I tested found it.
This was the...
Another problem, when pysh the boton QUARANTINE we have /cuarentenacxs directory and push VIEW QUARANTINE send message Directory is not a cxs quarantine directory and can't view results.
This is a bug too for this version?? this are fixed in the next version?
I noticed today on the top of my CXS it now says the following.
Running in Restricted Mode - remove /etc/cxs/cxs.restricted to enable full access to this User Interface
The nature of this User Interface allows direct and indirect access to the root shell on the server, therefore any user access to this interface could allow abritrary commands to be run as root and system files to be overwritten....
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum