The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Outgoing Spam via PHP Scripts

Discussion in 'E-mail Discussions' started by wsadams, Jan 11, 2017.

Tags:
  1. wsadams

    wsadams Registered

    Joined:
    Jan 11, 2017
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    South Carolina
    cPanel Access Level:
    Root Administrator
    I have 2 accounts on my VPS (which I own) that I'm having problems with. Every day, a new PHP script is uploaded to a different directory in these 2 accounts. That file sends out hundreds of emails before i find it and remove it.

    So far, I've:

    - Disabled FTP on both accounts
    - Checked SSH history (its disabled except for root)
    - Changed the cpanel password.

    They occasionally use the DEFAULT cpanel email to send outgoing email as well.

    1. How else could someone be uploading these scripts?
    2. What else can I do to track down who or what is doing this.

    Thanks in advance
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,204
    Likes Received:
    1,297
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page