Outgoing Spam via PHP Scripts
I have 2 accounts on my VPS (which I own) that I'm having problems with. Every day, a new PHP script is uploaded to a different directory in these 2 accounts. That file sends out hundreds of emails before i find it and remove it.
So far, I've:
- Disabled FTP on both accounts
- Checked SSH history (its disabled except for root)
- Changed the cpanel password.
They occasionally use the DEFAULT cpanel email to send outgoing email as well.
1. How else could someone be uploading these scripts?
2. What else can I do to track down who or what is doing this.
Thanks in advance
-
Hello, You should first ensure any scripts uploaded to those accounts are updated to the most recent versions available from the vendor. Additionally, ensure to enable the options referenced on the following document: How to Prevent Email Abuse - cPanel Knowledge Base - cPanel Documentation Thank you. 0
Please sign in to leave a comment.
Comments
1 comment