• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Watchdog

LordLiverpool

LordLiverpool

Basic Pleskian
Hello Parallels

OK 1 week ago I got an email from my server:

[rkhunter] Warnings found for <insert domain name here>
watchdog@mail.<insert domain name here>.com
Please inspect this machine, because it may be infected. Scan log:

I contacted my server provider and they said my VPS is "self managed" so its up to me to resolve this problem, but they did say it was probably nothing.

Today I got another email from watchdog with the same warning, My VPS has been up and running for 18 months now and I've never had emails like this before???

I dont know what to do next, can anyone help please?

Cheers

OS Linux 2.6.32-71.el6.x86_64
Panel version 10.4.4 Update #57, last updated at Oct 31, 2013 03:25 AM
 
Hi LordLiverpool,

sorry for the late answer. Please provide me the whole log, when you have ran in Watchdog (Extensions -> Watchdog) the rkhunter.
Please anonymize it or send it to me via PM and I'll give you further information.

With your error, I can only advise.
 
Can anyone help me out with this? I originally posted this question back in December, felt it was worth a bump.

Every Monday morning I get an email from [email protected]

Telling me "Please inspect this machine, because it may be infected."

With it comes a scan log, hundreds of lines long.

Q1. How do I know this isn't a false positive? (My server provider said my server was unlikely to be infected and not to worry)
Q2. If it is a false positive how do I adjust Watchdog settings so as to prevent the weekly email be sent?
Q3. If my machine is infected how do I fix it?

Thanks in advance
 
Last edited:
You must log in or register to reply here.

Similar threads

Azurel
Question Does Plesk possibly monitor this file /var/log/messages?
Replies
1
Views
535
AYamshanov
AYamshanov
G
Issue Database Malware or False Positive?
Replies
2
Views
2K
Gene Steinberg
G
L
Issue Server backup fails after moving domain to subscription
Replies
6
Views
1K
Kaspar@Plesk
Kaspar@Plesk
K
Resolved no incoming mail
Replies
6
Views
2K
Martin Dias
Martin Dias
T
Issue SMTPD No Auth from IP Issue
Replies
2
Views
2K
Tessxr
T
Back
Top