Vesta Control Panel - Forum

In case you want to monitor viruses in realtime on your VestaCP installation, with Maldetect and extended ClamAV signatures, I created installer when I realized I did this too many times manually so far. https://github.com/lukapaunovic/vesta-realtime-virus-monitoring-installer/blob/master/installer.sh

We are at DEFCON 1

I have my vps hosted at EU OVH. The same machine has been hacked twice with ubuntu 18 and debian 8, both with the latest version of vesta. All the logs have been deleted. I'm trying to make a tail -f /var/log/......log before OVH blocks my VPS. reboot it to rescue asap, then mount the disk and cont...

Reverse shell is activated when access is GAINED. when a vulnerability is EXPLOITED.
E.g. you manage to upload a shell script to vuln. upload form, and then you run this via exec and viola you have SSH under user script running.
I do not think that he meant there's a shell virus in all vesta.

There are things called "callback" that connect from the inside to the outside giving a shell. 100% not true, because, if something ''inside'' is ''calling'', then all datacenters will be hacked - in Europe you have very big datacenters that is completly UNTOUCHED by this hack. Why? Because only OV...

OVH....
They are always being targeted, along with Digital Ocean.
Some people who use Hetzner aren't having issues because bots aren't scanning those IP ranges.
They are just 'lucky'. That doesn't mean issue/vulnerability is not present.

I just want to report I have two customers whose servers were recently reinstalled and everything was clean. They got hacked and their server suspended for outbound DoS They had mod_security with Comodo WAF rules implemented on apache.... also maldetect... chkrootkit... And also had these functions ...

I needed this, and it works. Thanks!
Just one more thing,
in exim conf
under remote_smtp
needs to be changed too :)

Yes, it could be added to cron. But the only flaw here is that when you run it again it will go through all already optimized images, it will detect they are optimized but that loses a lot of time. Here is an example of a cron create /home/images.sh with content: VESTA=/usr/local/vesta export VESTA ...

Disable functions like dpeca suggested. And implement mod security