1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

My site reported for spam

Discussion in 'Web Hosting' started by Mutikasa, Oct 12, 2015.

  1. Mutikasa

    Mutikasa Power Member

    Joined:
    May 23, 2011
    Messages:
    581
    Likes Received:
    207
    My VPS cent me a ticket that my site is having virus and sending spam. I have port 25 turned off. I believe it's a fake report or something.
    MY vps provider got email form these guys clean-mx.de and now they want to wipe my VPS because I have a "virus".
    I don't buy this. What can i do? Do you know any VPS that ignores this?
     
  2. HostStage

    HostStage Jr. VIP Jr. VIP

    Joined:
    May 20, 2010
    Messages:
    1,873
    Likes Received:
    1,768
    Occupation:
    BHW - CEO of Webhosting Company
    Location:
    BWH from France
    Home Page:
    I'm not sure about clean-mx and how legitimate they are.
    However, regarding the mail spam, if you are using wordpress it is very common issue.

    Today, on my daily morning routine, I had to clean 2 websites infected by such malware. By cleaning, i don't mean that I whiped the hosting account out but cleaning the malware without the user even knowing it.

    Wiping out the VPS seems a bit an extreme solution. There are quite a few steps before doing such things to secure the website / server.
     
    • Thanks Thanks x 1
  3. Mutikasa

    Mutikasa Power Member

    Joined:
    May 23, 2011
    Messages:
    581
    Likes Received:
    207
    No, you see, my site is pure html and javascript. It's a landing page. Upon investigation I have seen that these guys, CIRT Germany are reporting all the similar landing pages.
     
  4. Asif WILSON Khan

    Asif WILSON Khan Executive VIP Jr. VIP

    Joined:
    Nov 10, 2012
    Messages:
    12,148
    Likes Received:
    33,703
    Gender:
    Male
    Occupation:
    Fun Lovin' Criminal
    Location:
    London
    Home Page:
    • Thanks Thanks x 1
  5. Mutikasa

    Mutikasa Power Member

    Joined:
    May 23, 2011
    Messages:
    581
    Likes Received:
    207
    No I didn't. I dont think you can send PMs yet
     
  6. bermanHost

    bermanHost Regular Member

    Joined:
    Aug 19, 2014
    Messages:
    478
    Likes Received:
    40
    Find the injected script and disable it by changing the permission and ownership of the file. Install antivirus software and have a scan daily. Install maldet scan in your server which is a best one to scan for virus hits. Some times spamming can be due to account compromised, so change the password very often if it is a wordpress site.
     
  7. Mutikasa

    Mutikasa Power Member

    Joined:
    May 23, 2011
    Messages:
    581
    Likes Received:
    207
    i have scanned with many software. nothing found. port 25 is disabled
     
  8. ChanzGrande

    ChanzGrande Elite Member

    Joined:
    Feb 16, 2008
    Messages:
    2,487
    Likes Received:
    1,177
    Occupation:
    Accountant
    Location:
    Northern Woods Counting Money
    No legitimate VPS provider should be threatening you because of this type of contact from an external third party. Whereas there is very little of legitimacy to the complainant one would think your VPS provider would recognize the false positive.

    You would think showing them documentation regarding your scans coming back clean would be sufficient. Seems like this third part is acting as police without the proper credentials and your VPS provider is responding favorably to their inquiries. I'd be moving my VPS straight away as the only way this makes much sense is if they are in on the scam.
     
    • Thanks Thanks x 1
  9. Mutikasa

    Mutikasa Power Member

    Joined:
    May 23, 2011
    Messages:
    581
    Likes Received:
    207
    this is a good point.
     
  10. Rankin42

    Rankin42 Newbie

    Joined:
    Oct 22, 2015
    Messages:
    10
    Likes Received:
    0
    important issue and some great point notched
     
  11. Nut-Nights

    Nut-Nights Jr. VIP Jr. VIP

    Joined:
    Jun 20, 2013
    Messages:
    5,296
    Likes Received:
    3,375
    Location:
    Hell
    Home Page:
    Just backup your site and change your host. If i am at your place i will never keep my site with such a host.
     
  12. Boriss

    Boriss Supreme Member

    Joined:
    Nov 7, 2009
    Messages:
    1,440
    Likes Received:
    567
    Location:
    Inside a Monitor
    Your host needs to learn about sites like clean-mx.de

    They are emailing hosts with various reports showing malware, so your host will hire them.

    They are scammers.
     
    • Thanks Thanks x 1
  13. Mutikasa

    Mutikasa Power Member

    Joined:
    May 23, 2011
    Messages:
    581
    Likes Received:
    207
    Do you have anything about that? So others are doing the same , I guess. So called spam protectors.
     
  14. bermanHost

    bermanHost Regular Member

    Joined:
    Aug 19, 2014
    Messages:
    478
    Likes Received:
    40
    What kind of scan did you do? Out of 100, 90 percent the issue should be because of spamming script injected along with the html or java script in your website code. If you wish we can make a look over your server.
     
  15. bermanHost

    bermanHost Regular Member

    Joined:
    Aug 19, 2014
    Messages:
    478
    Likes Received:
    40
    Whatever the case is first take a backup of all the important files fro your VPS before the provider flush it off.