Joomla Compromised Sending Spam

Z

zsana

Registered
Aug 27, 2014
2
0
1
cPanel Access Level
Website Owner
Greetings
I got a message from my side is that your site is spam. To solve the problem I have done the following tasks
1 Disconnect all users have access
2 I deleted all my emails
A few days later I received another spam message again. This time I did the following things.
1 core changed from 1.5 to 2.5
2 Remove some Shell files
3 transfering site to a new folder and redirect it
I have been in the mainstream, the core Joomla 2.5 only template I've moved the old site to site, plus the last site that it has changed direction and contract in the new folder. But again I received a spam message .i dont know What can I do please please help. Thank you
 
server9host

server9host

Well-Known Member
Sep 18, 2013
160
0
16
India
cPanel Access Level
Root Administrator
Re: request for solve a problem

Hello,

Please scan your whole account using maldet or clamscan if you found any infected file then quarantine those files.
Change the Password for email account from you get spam on server.
Enable SpamAssassin for your account.
Update you joomla

Please use above steps
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,268
463
Re: request for solve a problem

Hello :)

To clarify, are you receiving SPAM, or do you mean your Joomla script is sending out SPAM?

Thank you.
 
Z

zsana

Registered
Aug 27, 2014
2
0
1
cPanel Access Level
Website Owner
Re: request for solve a problem

what i've done is:
the scanning whole account whit ClamAV find viruse backdoor.php in the folowing way
www/components/com_search/functions.php
www/libraries/joomla/filesystem/archive/gallery.php
and quarantine them
What should I do to prevent the problem repeating?
how can i set the ClamAV to check outomaticly always my account?
Is there any way or website to help me understand my website still sends out spam before provider, close my website?
thanks a lot
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
C Mod_Security rules for Joomla login failures Security 2
B Joomla Suspicious process running under user homepage index.php Security 5
P Preventing brute force attack on WordPress and Joomla website Security 2
N joomla website compromised. advise please Security 2
sreeninair Joomla / WordPress admin attack from my server to remote: Security 5
Similar threads
Mod_Security rules for Joomla login failures
Joomla Suspicious process running under user homepage index.php
Preventing brute force attack on WordPress and Joomla website
joomla website compromised. advise please
Joomla / WordPress admin attack from my server to remote:
Top Bottom