We’d like to remind Forumites to please avoid political debate on the Forum.

This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

Spam Coming from my Website

martindow
martindow Posts: 10,644 Forumite
Part of the Furniture 10,000 Posts Name Dropper
in Techie Stuff
One of my sites has been apparently been sending large quantities of spam. The host took the site down for a few hours and after that the spam stopped. Looking at the remote site files there is nothing obviously different from the local files on our PC.

The hosting people seem sure the spam is originating from our site but I think it could be that the emails are addressed to us presumably with BCCs meaning a lot of traffic is passing through.

Can anyone advise how to proceed to check everything is sorted?

Comments

  • Figment
    Figment Posts: 2,643 Forumite
    Part of the Furniture Combo Breaker
    Your host should be able to check server logs to determine if the spam is coming from your site. It's possible they have hacked into your account and using the outgoing SMTP server. First step should be to change your login passwords for the site and email/webmail (if different).
    How do I add a signature?
  • martindow
    martindow Posts: 10,644 Forumite
    Part of the Furniture 10,000 Posts Name Dropper
    The passwords are now changed. Is there anyway of checking whether there is anything malevolent in place on the site itself?
  • chib
    chib Posts: 537 Forumite
    Part of the Furniture 100 Posts Home Insurance Hacker!
    Is it a Wordpress site, if so - it could be an extension?
  • martindow
    martindow Posts: 10,644 Forumite
    Part of the Furniture 10,000 Posts Name Dropper
    chib wrote: »
    Is it a Wordpress site, if so - it could be an extension?
    No it's a straightforward html site made on Dreamweaver and an Actinic shopping cart. I removed a form sometime ago as I understood that could be vulnerable.
  • Figment
    Figment Posts: 2,643 Forumite
    Part of the Furniture Combo Breaker
    martindow wrote: »
    The passwords are now changed. Is there anyway of checking whether there is anything malevolent in place on the site itself?

    Only by the slow process of checking every file/folder, or you could use the Synchronise feature in Dreamweaver to compare the remote and local copies, which would show any files on the remote that you don't have locally. This assumes the local copy was up to date and hasn't been synch'd since this problem began
    How do I add a signature?
  • martindow
    martindow Posts: 10,644 Forumite
    Part of the Furniture 10,000 Posts Name Dropper
    Thank you everyone. I thought I would come back having hopefully resolved this.

    We have followed your advice, scanned the computer, changed passwords, deleted the site from the host and resubmitted the site from saved files. However the problem seems to have occurred as the result of a vulnerability in a form in actinic used to send an email from the site. This has been taken off the site we are hoping that all is now well.
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 352.7K Banking & Borrowing
  • 253.8K Reduce Debt & Boost Income
  • 454.6K Spending & Discounts
  • 245.8K Work, Benefits & Business
  • 601.8K Mortgages, Homes & Bills
  • 177.7K Life & Family
  • 259.7K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 37.7K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture