Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Combating Spam

Discussion in 'E-mail Discussions' started by cravend, Jan 11, 2018.

Tags:
  1. cravend

    cravend Member

    Joined:
    Apr 4, 2017
    Messages:
    21
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    United States
    cPanel Access Level:
    Root Administrator
    Hi,

    My server was compromised and has been sending out large amounts of spam mail. I have changed the webmail passwords & quarantined the breached files that were sending spam. However, I was wondering how I can best secure my server so that it's less likely to be hacked and send spam mail again.
     
    #1 cravend, Jan 11, 2018
    Last edited: Jan 11, 2018
  2. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,545
    Likes Received:
    44
    Trophy Points:
    328
    cPanel Access Level:
    Root Administrator
    You really have to figure out how your passwords were compromised. Were they weak passwords? Do you have keyloggers or malware on your computers or devices you use to check the accounts? Have you been connecting to the accounts over insecure public wifi or other networks?

    If your passwords were compromised it usually boils down to one of those possibilities. If you don't resolve it (for example, say you were using weak passwords and you are continuing to use weak passwords) then your passwords will continue to get compromised.

    If your sharing passwords across multiple platforms, that also falls under the category of weak passwords.
     
  3. cravend

    cravend Member

    Joined:
    Apr 4, 2017
    Messages:
    21
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    United States
    cPanel Access Level:
    Root Administrator
    I'm not positive how all of this works (I'm still learning!), but do you have to have a password to send email? It seems like a PHP script was infected on my site and that was sending emails. Either way, I use the password generator for my cPanel/Webmail/WHM passwords.

    Is changing my passwords & keeping them secure my best/only bet for preventing this?
     
  4. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,545
    Likes Received:
    44
    Trophy Points:
    328
    cPanel Access Level:
    Root Administrator
    Sorry, I thought this was determined to be a password compromise.

    Your first step is determining just how the messages were sent. If the malicious user was allowed to upload a script to the hosting account to send out the spam, they wouldn't have to have any passwords, but the question becomes - how was the user allowed to upload the malicious script?

    Are you keeping your scripts up to date?

    Are you using something like WordPress or Joomla!?

    Are you keeping the plugins and themes up to date?

    Are you using reputable plugins and themes?

    Are you keeping your admin passwords to these scripts safe and secure?
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,484
    Likes Received:
    1,612
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page