Spamming issue

vkareit
(@vkareit)

9 years, 9 months ago

Hi,

I am facing spam issues on my website:

getting complaints from hosting provide regarding spam being sent from my wordpress website .

It seems that some one is uploading spam scripts in wordpress through anonymous folders.

How to know spam script and resolve spamming issues ?

Thanks

Viewing 8 replies - 1 through 8 (of 8 total)

Andrew Nevins
(@anevins)

WCLDN 2018 Contributor | Volunteer support

9 years, 9 months ago
You need to start working your way through these resources:
Additional Resources:
Thread Starter vkareit
(@vkareit)

9 years, 9 months ago

Hi Andrew ,

I have implemented many security plugins regarding spamming but they are just blocking inbound spammers to post , registration etc.

How would I know which script is sending spam mails from wordpress through sendmail binary.

thanks

Moderator Jan Dembowski
(@jdembowski)

Forum Moderator and Brute Squad

9 years, 9 months ago

Note: I’ve moved this topic to How-To and Troubleshooting. The Hacks sub-forum is for coding topics not this.

Andrew Nevins
(@anevins)

WCLDN 2018 Contributor | Volunteer support

9 years, 9 months ago

I would recommend reading the resources above. It doesn’t sound like you’re tackling the real issue here, that you are hacked.

Thread Starter vkareit
(@vkareit)

9 years, 9 months ago

Sorry for that if you did not get my issue.

I got this logs from my server firewall that my wordpress site is sending spam mails .

Time: Thu Aug 11 12:27:10 2016 +0300
Path: ‘/home/jehanab/public_html/wp-includes/js/swfupload/plugins’
Count: 21 emails sent

Sample of the first 10 emails:

2016-08-11 12:26:41 cwd=/home/jehanab/public_html/wp-includes/js/swfupload/plugins 4 args: /usr/sbin/sendmail -t -i -fernestine_white@jehanabad.org
2016-08-11 12:26:41 cwd=/home/jehanab/public_html/wp-includes/js/swfupload/plugins 4 args: /usr/sbin/sendmail -t -i -fernestine_white@jehanabad.org
2016-08-11 12:26:41 cwd=/home/jehanab/public_html/wp-includes/js/swfupload/plugins 4 args: /usr/sbin/sendmail -t -i -fernestine_white@jehanabad.org
2016-08-11 12:26:41 cwd=/home/jehanab/public_html/wp-includes/js/swfupload/plugins 4 args: /usr/sbin/sendmail -t -i -flynn_silva@jehanabad.org
2016-08-11 12:26:41 cwd=/home/jehanab/public_html/wp-includes/js/swfupload/plugins 4 args: /usr/sbin/sendmail -t -i -flynn_silva@jehanabad.org
2016-08-11 12:26:41 cwd=/home/jehanab/public_html/wp-includes/js/swfupload/plugins 4 args: /usr/sbin/sendmail -t -i -fernestine_white@jehanabad.org
2016-08-11 12:26:41 cwd=/home/jehanab/public_html/wp-includes/js/swfupload/plugins 4 args: /usr/sbin/sendmail -t -i -flynn_silva@jehanabad.org
2016-08-11 12:26:41 cwd=/home/jehanab/public_html/wp-includes/js/swfupload/plugins 4 args: /usr/sbin/sendmail -t -i -fernestine_white@jehanabad.org
2016-08-11 12:26:41 cwd=/home/jehanab/public_html/wp-includes/js/swfupload/plugins 4 args: /usr/sbin/sendmail -t -i -flynn_silva@jehanabad.org
2016-08-11 12:26:41 cwd=/home/jehanab/public_html/wp-includes/js/swfupload/plugins 4 args: /usr/sbin/sendmail -t -i -fernestine_white@jehanabad.org

Possible Scripts:

Thanks

Andrew Nevins
(@anevins)

WCLDN 2018 Contributor | Volunteer support

9 years, 9 months ago

Why don’t you think you’ve been hacked? Someone has access to your installation and is using your web space (that your hosting providers have given you) to send malicious emails. Resolving your hack will resolve the spam emails, but it sounds like you want to stick a plaster on the problem instead.

Thread Starter vkareit
(@vkareit)

9 years, 9 months ago

so that means changing passwords of wordpress admin and database user will resolve the problem , I have also scanned the website with antivirus and
link http://sitecheck.sucuri.net/scanner/

but still facing this type of issues on regular basis.

Thanks

Andrew Nevins
(@anevins)

WCLDN 2018 Contributor | Volunteer support

9 years, 9 months ago

Installing plugins, changing the username and password and scanning your website with sucuri won’t resolve your hacked issue. I’m afraid that resolving a hacked site doesn’t take 5-10 minutes. It takes hours of tedious delousing, but it is all explained in the resources above.

Viewing 8 replies - 1 through 8 (of 8 total)

The topic ‘Spamming issue’ is closed to new replies.

Spamming issue

Tags

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics