The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Spam from VPS

Discussion in 'Security' started by captainron19, Nov 10, 2011.

  1. captainron19

    captainron19 Active Member

    Joined:
    Nov 10, 2011
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi new here and not a total computer wiz so go easy on me..... just a firefighter who has a VPS where I have some clients for websites.
    Recently I received a noticed from the company where I have my VPS (Host Ican) that there is a great deal of spam coming from my ip address. Also that same day I found out AOL had blacklisted my IP (I have an AOL address and no emails were going through from regular email or online forms to any AOL address) I filled out an AOL whitelist request and within a day emails were coming back fine but less than 14 hours later ....on the blacklist again so I am assuming that spam is still coming from my IP.

    The steps I took so far (right after I received the notification and found out about being blacklisted on AOL) was to change my root password for acesss into the WHM and VZ Panel. I also found some formmail.php scripts on my site that I was worried may be open for easy use so i deleted them and replaced all of my online forms on all websites with a more secure java script form.

    My question is..... is there anyway I can find out where the spam is coming from? My hosting company sent me something with the headers from one of the spam messages and it just showed my server info (server.storksnmore.net)

    Please any help that can be provided would be appreciated!
     
  2. minosjl

    minosjl Well-Known Member

    Joined:
    Jun 4, 2011
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    cPanel Access Level:
    Root Administrator
    first thing you need to do is enable the module php header on your cpanel server using compiling the esayapahe.After that please check your mail queue and make sure the mails are not generating from any of your email accounts hosted .

    If its from outside we need to check is there any vulnerability are present on your server.You can scan your server using iscanner to find out iframe injection :........

    :rolleyes:
     
  3. captainron19

    captainron19 Active Member

    Joined:
    Nov 10, 2011
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Ok that was entirely all greek to me .... especially the first sentence
    :eek::D
     
  4. k-planethost

    k-planethost Well-Known Member

    Joined:
    Sep 22, 2009
    Messages:
    199
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Athens Greece
  5. minosjl

    minosjl Well-Known Member

    Joined:
    Jun 4, 2011
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    cPanel Access Level:
    Root Administrator
    by brother gave a better link for you,please check the link and try to under stand

    :eek:
     
Loading...

Share This Page