• What to do if the server sends out spam

    • views 1016

    We moved our site to VPS, as well as 4 other client sites and after that it blocked outgoing emails, because ostensibly it is spam being sent. Does this mean that the site was hacked? And how do I fix it? PS: we are not developers, we are web marketing specialists. I would be grateful if the answers are detailed.

    Solutions (1)

    If the customers, whose sites you moved to vps, don`t send out spam, then most likely the sites are hacked. Try to check the content of the sites with the help of a scanner like Ai-Bolit from the Revisium. It will probably show you which potentially dangerous files are performing this mailing. Also, if the current hoster administrates your vps, ask them to connect to the site which sends spam php with the module Suhosin (makes some adjustments to the work of the php) and limit these sites using the settings in php.ini:\nsuhosin.executor.eval.blacklist = "base64_encode,include,include_once,require,require_once,curl_init,fpassthru,file,mail,exec,system,proc_open, leak,syslog,pfsockopen,shell_exec,ini_restore, symlink,stream_socket_server,proc_nice,popen,proc_get_status,dl, pcntl_exec, pcntl_fork, pcntl_signal,pcntl_waitpid, pcntl_wexitstatus, pcntl_wifexited, pcntl_wifsignaled,pcntl_wifstopped, pcntl_wstopsig, pcntl_wtermsig, socket_accept,socket_bind, socket_connect, socket_create, socket_create_listen,socket_create_pair,link,register_shutdown_function,register_tick_function,file_get_contents, file,fopen,fsockopen,readdir".

    The list of functions can be shortened or expanded depending on your needs and the extent of the hacking. Also, it would be useful to contact any security specialists to get more detailed recommendations and help. The experts at Revisium.

    Answers (1)
    For the correct answer, we need to know what software you have on the server. Basically, look at the mail logs and the queue of outgoing emails, there you might find information about in which script the SPAM is sent. Either one of the sites or the server is hacked.
We do our best for you!
Rate the article
or
Tell the world about it

Users (0) 0 of 5

  • In order to provide you with the best online experience this website uses personal data (cookies, IP, email, photo, name, website, etc). By using our website, you agree to our use of your personal data. More info we get commissions from the hostings, but our ratings are honest and the reviews are real.
  • Important

    We are in BETA. We need your help!

    Anonymous reviews are not allowed!

    Every month we add $50 to the account of a randomly selected user.*

    In addition, you will receive a free permanent link to your site after you leave an honest review!