Website recently hacked for Haintai

our cetos webpanel is hacked i could not able to figure it out from where they hacked i was running updated version of cwpPro

Hacker changed all accounts and email  passwords as well as they were able to change my root password too is there any serious security update released ?

you should contact your experienced server admin to check the logs or cwp support

yes i am personally looking at it. I just want to know if there is any broken script or something that being faced by other cwp users as well

thanks

nop, that anything was reported it would be already fixed, you need to check the logs and see where it was the issue, mostly server hack occurs if you use ssh at port 22 and week password.

I am not using port 22 any other suggestion to keep it secure

I am using firewall,spam , iptable,  maddate scan, userlogin security etc.

What scares me is just figuring out how a person can administer a server without SSH. As him/her patrols the logs and the boundaries of your server, how install their programs. how it monitors its load, how it checks the queue for E-mails, how it checks your firewall, how well it knows the harassment your server receives, all without SSH. Without SSH is not possible to do a realistic administration of the server. You can not manage a server with the panel alone. The dashboard is just a facility, primarily for customers, not for the administrator. For the administrator there are numerous tasks that are much better fulfilled through SSH, some of them are unique. So for me the server was hacked just because there is no one monitoring the server via SSH. The security of a server is like a chain: it is as strong as its weakest link. Install a postknocking to make your port 22 more secure, but be sure to use SSH.