Infected Files Sending Spam Everyday

Rhuan

Active Member
Nov 10, 2010
42
0
56
Brazil
cPanel Access Level
Root Administrator
Hi, everyday I have to suspend at least 3 domains (not same) which have some php infected files and all content is encrypted, all my server run CloudLinux, CageFS, ClamAV Scanner, Maldetect, suPHP + suExec

Is there some tool that I can use to prevent this infected files to run on my server ? I'm losting clients about this.
Thank you so much!
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,229
463
Hello :)

Have you verified that clients are using updated scripts that are not vulnerable? You may want to investigate and determine how the scripts are exploited with the help of a qualified system administrator to determine the best course of action.

Thank you.
 

LostNerd

Well-Known Member
Mar 12, 2014
258
12
18
Hastings, East Sussex, UK
cPanel Access Level
Root Administrator
Twitter
Are your clients using software like Wordpress by any chance? If so, it's likely that their files have been infected by using insecure plugins.

There is a great plugin (free to use) in the Wordpress Plugin Store called Wordfence. I suggest you recommend this to all clients using Wordpress.