You should configure the following in your WHM (CPanel):
Main >> Server Configuration >> Tweak Settings
[x] Prevent the user ‘nobody’ from sending out mail to remote addresses (php and cgi scripts generally run as nobody if you are not using phpsuexec and suexec respectively.)
[x] Track the origin of messages sent though the mail server by adding the X-Source headers (exim 4.34+ required)
Main >> Security >> Fix Insecure Permissions (Scripts)
Main >> Security >> Tweak Security
“Compilers are disabled for unpriviledge users”
Main >> Service Configuration >> Enable/Disable SuExec
suexec Status “enabled”
Main >> Account Functions >> Disable or Enable Demo Mode
Select from “Users” the “demo” account and click “Modify” then click “Disable” if it exists :)