CWP Security Audit - Unauthorized port: php-fpm

[Starburst-Admin]

CWP Started displaying:

PHP-FPM Unauthorized Port.png

When

Code: Select all

sh / scripts / cwp_security_audit

is run:

------------------------------------------------------
[INFO] Auditing cwpsrv (PID: )
[OK] cwpsrv looks clean.
------------------------------------------------------
[INFO] Auditing php-fpm-cwp (PID: )
[SECURITY ALERT] Unauthorized port: php-fpm
Error:Can't add notification!------------------------------------------------------
[INFO] Auditing apache (PID: )
[OK] apache looks clean.
------------------------------------------------------
[DONE] Security audit finished.

--

It is currently not clear what is triggering this warning.
Even servers that are not using PHP-FPM are showing this security warning box.

--

You can check if you are running PHP-FRPM by running:

Code: Select all

 systemctl status php-fpm

If it shows: Unit php-fpm.service could not be found.
Then PHP-FPM isn't running.

Things you can do to make sure a hacker can't get in is:
Block ports 9000-9005
Limit access to port 2083

As more information becomes available, it will be posted here.

[Starburst-Admin]

This was a false positive, and the bug should be fixed in the next release of CWP.

The audit command output showed the standard core system libraries, such as glibc and libpthread.