timothysd

Registered
Jul 21, 2021
3
2
3
United States
cPanel Access Level
Website Owner
I recently experienced a spam mail hack where someone was sending spam mail from my cpanel email.
I was able to get the malware removed and check all my files due to some assistance from a cpanel expert, but I want to make sure this doesn't happen again.
My cpanel is installed to my arvixe hosted server, and I don't have root access.

Any recommends when it comes to improving security while using a host like arvixe?
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
6,923
912
313
cPanel Access Level
Root Administrator
Hey there! A lot of the security settings would require root access to the system. For example, cPanel has a built-in tool that specifies what users can connect to the mail server, which can help stop automated spam from PHP scripts.

Do you know if this user was logged into webmail and sending messages or if they were sending from a script on your website? The security methods you'd need to put in place really depend on how the access happened.
 

timothysd

Registered
Jul 21, 2021
3
2
3
United States
cPanel Access Level
Website Owner
It sounds like I will be mostly reliant upon my host's security given my lack of root access.
From what I know about the security breach, they were sending mail from a script. I believe via a file that they were able to upload onto my database.
After I removed the file and changed my passwords, no spam emails since.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
6,923
912
313
cPanel Access Level
Root Administrator
I'm glad you were able to track down the cause of the issue. I'd recommend changing any passwords on the account as well as performing a scan of your local computer, as the most common way passwords get stolen is through malware on a client machine.