CWP Security Audit - Unauthorized port: php-fpm
Posted: Sat Feb 21, 2026 5:48 pm
CWP Started displaying:
When is run:
------------------------------------------------------
[INFO] Auditing cwpsrv (PID: )
[OK] cwpsrv looks clean.
------------------------------------------------------
[INFO] Auditing php-fpm-cwp (PID: )
[SECURITY ALERT] Unauthorized port: php-fpm
Error:Can't add notification!------------------------------------------------------
[INFO] Auditing apache (PID: )
[OK] apache looks clean.
------------------------------------------------------
[DONE] Security audit finished.
--
It is currently not clear what is triggering this warning.
Even servers that are not using PHP-FPM are showing this security warning box.
--
You can check if you are running PHP-FRPM by running:
If it shows: Unit php-fpm.service could not be found.
Then PHP-FPM isn't running.
Things you can do to make sure a hacker can't get in is:
Block ports 9000-9005
Limit access to port 2083
As more information becomes available, it will be posted here.
Code: Select all
sh / scripts / cwp_security_audit------------------------------------------------------
[INFO] Auditing cwpsrv (PID: )
[OK] cwpsrv looks clean.
------------------------------------------------------
[INFO] Auditing php-fpm-cwp (PID: )
[SECURITY ALERT] Unauthorized port: php-fpm
Error:Can't add notification!------------------------------------------------------
[INFO] Auditing apache (PID: )
[OK] apache looks clean.
------------------------------------------------------
[DONE] Security audit finished.
--
It is currently not clear what is triggering this warning.
Even servers that are not using PHP-FPM are showing this security warning box.
--
You can check if you are running PHP-FRPM by running:
Code: Select all
systemctl status php-fpmThen PHP-FPM isn't running.
Things you can do to make sure a hacker can't get in is:
Block ports 9000-9005
Limit access to port 2083
As more information becomes available, it will be posted here.