The cPanel server has bene installed and NGINX is installed and started. Soon, the suspicious process notifications comes from CSF/LFD.
...Executable: /usr/sbin/nginx Command Line (often faked in exploits): nginx: worker process ...
So, the process needs to be whitelisted. Lets edit the following:
Add the following:
We can also add this in cPanel at “Home” > “Plugins” : ConfigServer Security and Firewall