Hello. Matomo: 4.14.2 on cpanel: CentOS v7.9.2009 STANDARD kvm, cPanel Version: 110.0.6
I keep getting these messages about Matomo:
Executable:
/opt/cpanel/ea-php80/root/usr/bin/php
Command Line (often faked in exploits):
/opt/cpanel/ea-php80/root/usr/bin/php -q /
/home/xxxxxxxx/public_html/xxxxxx.com/matomo/console climulti:request -q --matomo-domain=xxxxx.com --superuser
module=API&format=csv&convertToUnicode=0&method=CoreAdminHome.runScheduledTasks&trigger=archivephp
Network connections by the process (if any):
tcp: 127.0.0.1:36298 → 127.0.0.1:3306
tcp: 127.0.0.1:36302 → 127.0.0.1:3306
Files open by the process (if any):
/dev/null
/home/xxxxxxx/public_html/ixxxxxx.com/matomo/misc/GeoLite2-City.mmdb
and
Executable:
/opt/cpanel/ea-php80/root/usr/sbin/php-fpm
Command Line (often faked in exploits):
php-fpm: pool xxxxx.com
Network connections by the process (if any):
tcp: 127.0.0.1:36298 → 127.0.0.1:3306
Files open by the process (if any):
/dev/null
/tmp/.ZendSem.CJlxWV (deleted)