Yes, saya dapet email juga:
Greetings,
Since this morning, we have been combating multiple DDoS attacks across all of our locations. Upon further investigation, this is stemming from compromised VPS containers that utilize the Kloxo control panel software.
We have been made aware of an active zero day exploit in Kloxo with no workaround available. Essentially the exploit spawns a large number of httpd processes that allows the affected system to participate in a DDoS.
We kindly request your immediate attention into this matter, and ask that if you are running Kloxo that you disable it immediately.
Due to the fact that Kloxo developers are inactive and appears to be poorly written, along with the severity of this zero day exploit, we are prohibiting Kloxo to be ran on our VPS servers moving forward in order to protect our network and our users. We believe this is the best resolution, as Kloxo is not a secure software that should be used in any production environment. If your VPS is currently running Kloxo, please wipe your Kloxo install immediately. If you still require a control panel, below is a list of alternative free control panels that you can consider installing:
VestaCP
Webmin/Virtualmin
iMSCP
Ajenti
OpenPanel
ISPConfig
For more information regarding this Kloxo exploit please follow this discussion on WHT:
http://www.webhostingtalk.com/showthread.php?p=8996984If you are not running Kloxo on your server, you may disregard this email. Your prompt attention and cooperation in this matter is appreciated.
