Control Web Panel

WebPanel => Updates => Topic started by: venty on February 21, 2026, 11:08:35 AM

Title: [SECURITY ALERT] Unauthorized port / [SECURITY ALERT] Unknown/Untrusted file..
Post by: venty on February 21, 2026, 11:08:35 AM

Hi,

Please help, today, after I entered the CWP panel, I have two new messages:

[SECURITY ALERT] Unknown/Untrusted file: /usr/lib64/gconv/gconv-modules.cache

and

[SECURITY ALERT] Unauthorized port, for more info run: sh /scripts/cwp_security_audit

The installation is AL 9.7, and there were a lot of updates yesterday.

Please help...

Thanks in advance, and have a nice day!

BR
Venty

Title: Re: [SECURITY ALERT] Unauthorized port / [SECURITY ALERT] Unknown/Untrusted file..
Post by: overseer on February 21, 2026, 02:14:59 PM

I have the /usr/lib64/gconv/gconv-modules.cache file on my AlmaLinux 8 servers (28K in size). Seem like a normal harmless cache file. Maybe the recent update attempts to tighten up security, but is generating false positives.

Indeed, look at the new cron job that runs cwp_security_audit:

Code: [Select]

[root@srv1]# ls -al /etc/cron.daily/cwp_security_audit.sh
-rwxr-xr-x 1 root root 31 Feb 17 18:40 /etc/cron.daily/cwp_security_audit.sh