The cPanel server has bene installed and NGINX is installed and started. Soon, the suspicious process notifications comes from CSF/LFD.



Command Line (often faked in exploits):

nginx: worker process

So, the process needs to be whitelisted. Lets edit the following:

nano /etc/csf/csf.pignore

Add the following:


Restart CDF/LDF

csf -r

We can also add this in cPanel at “Home” > “Plugins” : ConfigServer Security and Firewall