• What to do if the server sends out spam

    • views 1193

    We moved our site to VPS, as well as 4 other client sites and after that it blocked outgoing emails, because ostensibly it is spam being sent. Does this mean that the site was hacked? And how do I fix it? PS: we are not developers, we are web marketing specialists. I would be grateful if the answers are detailed.

    Solutions (1)

    If the customers, whose sites you moved to vps, don`t send out spam, then most likely the sites are hacked. Try to check the content of the sites with the help of a scanner like Ai-Bolit from the Revisium. It will probably show you which potentially dangerous files are performing this mailing. Also, if the current hoster administrates your vps, ask them to connect to the site which sends spam php with the module Suhosin (makes some adjustments to the work of the php) and limit these sites using the settings in php.ini:\nsuhosin.executor.eval.blacklist = "base64_encode,include,include_once,require,require_once,curl_init,fpassthru,file,mail,exec,system,proc_open, leak,syslog,pfsockopen,shell_exec,ini_restore, symlink,stream_socket_server,proc_nice,popen,proc_get_status,dl, pcntl_exec, pcntl_fork, pcntl_signal,pcntl_waitpid, pcntl_wexitstatus, pcntl_wifexited, pcntl_wifsignaled,pcntl_wifstopped, pcntl_wstopsig, pcntl_wtermsig, socket_accept,socket_bind, socket_connect, socket_create, socket_create_listen,socket_create_pair,link,register_shutdown_function,register_tick_function,file_get_contents, file,fopen,fsockopen,readdir".

    The list of functions can be shortened or expanded depending on your needs and the extent of the hacking. Also, it would be useful to contact any security specialists to get more detailed recommendations and help. The experts at Revisium.

    Answers (1)
    For the correct answer, we need to know what software you have on the server. Basically, look at the mail logs and the queue of outgoing emails, there you might find information about in which script the SPAM is sent. Either one of the sites or the server is hacked.
We do our best for you!
Rate the article
or
Tell the world about it

Users (0) 0 of 5

  • In order to provide you with the best online experience this website uses personal data (cookies, IP, email, photo, name, website, etc). By using our website, you agree to our use of your personal data. More info we receive some monetary compensation from hosting companies, however, this does not influence their positions in our ratings, test results, the direction or conclusions of our reviews in any way. We use this amount to provide better services, improve our website, to cover hosting testing account fees and team salaries. Ok

  • easy
    1

    NO BOTS

    We ban anonymous users since 2016
    2

    NO BRIBES

    We do not delete reviews for money
    We do not sell rating positions
    We make cheating attempts almost impossible
    3

    EXPERT ADVICE

    We test the hosting thoroughly and publish professional overviews
  • Rewards for reviews