The following article applies to cPanel shared hosting
From August 2021, we will be sending out automatic security notifications if we detect vulnerable or outdated applications hosted upon your cPanel shared hosting account.
In addition, if we detect malware on an account, we will now automatically quarantine the malware file and inform the you of this by email, the file(s) will remain in quarantine for 60 days before being deleted.
These alerts will be sent to the account holder as configured within cPanel, we advise you log into your cPanel account and check the address is up to date by clicking on “Contact Information”.
NOTE: If you have purchased PatchMan for your account then there will be no change, you will still receive the additional benefits of automatic mitigation and patching through your PatchMan portal.
Type of Notifications
The email notifications fall into three categories:
These emails warn if your application is out of date, it does not mean that your application is vulnerable or has been hacked however it is likely that the version may contain vulnerabilities and you should consider updating to the latest version.
This warns that your application contains known vulnerabilities that are highly likely to be exploited. You should take immediate action to update your application:
- If you have purchased Patchman for your account, login to your Patchman portal and patch your application which provides immediate mitigation. Click here to learn how to upgrade.
- If you have not purchased PatchMan then updating your application to the latest version is usually sufficient to resolve the vulnerability. Most applications, including WordPress, have an inbuilt update tool located with the admin area that makes this straightforward. However, be mindful that if you have installed third party themes or plugins for your application you should first check these are compatible with the version of software you are upgrading to.
If we detect Malware on your account you will receive this email, Malware tends to be introduced through a vulnerable application that has been exploited, so this will usually be received alongside a vulnerable application notification.
If detected our system will immediately quarantine the file to prevent further abuse, the file will then be deleted after 60 days.
The email will contain the name of the file(s) quarantined and type of malware detected, If you believe the detection to be false positive you can do the following:
- If you have purchased Patchman you can log into your Patchman portal and review the file, you can then either remove from quarantine or delete. Click here to learn how to upgrade.
- If you have not purchased Patchman then contact our support team with details of why you believe it to be a false positive and on confirmation our team will restore the file.
While Patchman can detect vulnerabilities in common applications and plugins, there may be instances where malware is detected but no vulnerable application email is received. This could be due to either your application having been updated but the infection occurring pre update or you have an application, plugin or theme that cannot be detected by Patchman.
In those cases, you should systematically go through any applications, plugins, or themes you have uploaded and check with the software vendors website to ensure they are up to date and have been installed correctly.
Infection can also occur through compromised passwords, in particular FTP passwords. This typically happens if your local PC has been compromised by a virus, you should scan your local PC and change your FTP password.
Upgrading to Patchman Full
As standard all clients receive security notifications, by upgrading to the full edition of PatchMan you also receive the following additional features:
- Access to the Patchman Portal
- Vulnerability reporting for supported applications
- Vulnerability Patching of common applications such as WordPress, Joomla Drupal, WooCommerce as well as popular plugins.
- Dynamic Malware scanning
You can add PatchMan to your package as follows: