Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.
Not a member yet? Click here to register.
Forgot Password?

Site hacked to send spam

Asked Modified Viewed 2,310 times
O
old_mac
O
If you throw a cat out of a car window, is it kitty litter?
  • Newbie, joined since
  • Contributed 5 posts on the community forums.
  • Started 2 threads in the forums
  • Started this discussions
asked
Newbie

Hi Folks

I have been informed by my IPS that my site has been used to send spam. I have noticed a couple of strange e-mails in the last day. They have initiated mod_security on the site, but advised me to notify you, to change the "sendmail" code. They feel it is somewhere in the "Contact Me" code.

Chris
chris@grabil.ca
0 replies

7 posts

B
Bad Boy
B
____________________
BadBoy aka GoogleDude
http://www.googlecityforums.com
  • Member, joined since
  • Contributed 155 posts on the community forums.
  • Started 1 thread in the forums
answered
Member

You may want to remove that file from your server until you get this problem solved.

Do a site search here, because I think there was a similar problem with the "Contact Me" file that has been posted.

Someone else should be addressing this soon that will be able to help you more.
0 replies
O
old_mac
O
If you throw a cat out of a car window, is it kitty litter?
  • Newbie, joined since
  • Contributed 5 posts on the community forums.
  • Started 2 threads in the forums
  • Started this discussions
answered
Newbie

Something i have noted is that this all started after I put my site up on the PHPFusion site as an example. I suspect there are a number of lurkers that snatch up the new site URLs and go to work to hack them!

I suggest that this be removed from the PHPFusion site until this can get hammered out. No point in spoon feeding the idiots.

Chris
Edited by old_mac on 05-04-2006 15:09,
0 replies
K
Ken
K
Ken 10
No Support by PM. Please use the forum.
  • Senior Member, joined since
  • Contributed 713 posts on the community forums.
  • Started 43 threads in the forums
answered
Senior Member

Chris, are you running latest version, 6.00.305? There was a problem with spam in a older version. If you are not running the latest version, try upgrade.
0 replies
O
old_mac
O
If you throw a cat out of a car window, is it kitty litter?
  • Newbie, joined since
  • Contributed 5 posts on the community forums.
  • Started 2 threads in the forums
  • Started this discussions
answered
Newbie

YUP I upgraded to 6.00.305 about a week ago. This started when I was on version 6.00.303.
Chris
0 replies
A
Andrew
A
Andrew 10
  • Junior Member, joined since
  • Contributed 12 posts on the community forums.
  • Started 1 thread in the forums
answered
Junior Member

There was a howto some time ago about why you should never put "Contact.php" on the server in that exact name. You should always rename it to a random name because people scan for that exact name. I would recommend not putting contact.php on your server if you've already had problems. If people want to email you they'll contact you if its important.
0 replies
O
old_mac
O
If you throw a cat out of a car window, is it kitty litter?
  • Newbie, joined since
  • Contributed 5 posts on the community forums.
  • Started 2 threads in the forums
  • Started this discussions
answered
Newbie

I just read about changing the name like you suggest. Why not put all the names into MD5? Then nobody will know what files do what!

Chris
0 replies
K
kejonn
K
kejonn 10
  • Member, joined since
  • Contributed 160 posts on the community forums.
  • Started 16 threads in the forums
answered
Member

My hosting company sent out a notice some time back about contact forms. In fact, they took a proactive stance of searching servers for files named "contact.php" and would delete them (or at least that's what they said they would do)! So I just changed my contact form to another file name and changed the links. Therefore this is NOT an issue unique to PHPFusion.

Bad_boy is right about this being posted earlier. In fact, I think I posted my hosting companies email when I received it so Fusion users would be aware that there were hackers out there looking for that file name so they could exploit it.
0 replies

Category Forum

Bugs and Errors - 6

Labels

None yet

Statistics

  • Views 0 views
  • Posts 7 posts
  • Votes 0 votes
  • Topic users 5 members

0 participants

Notifications

Track thread

You are not receiving notifications from this thread.

Related Questions

Not yet