Partner and Community Forums
can't stop the spam
Last post Mar 28, 2016 04:39 PM by qwazi
Mar 26, 2016 05:13 PM|qwazi|LINK
I've got a 2008 R2 server hosting a PHP website. I am not the creator and I am a newbie to PHP. This website is very simple and static.
There are no links for email, contact us, or send to a friend. Therefore, this site should never be able to send email. However, it has been compromised somehow and it sends truck loads of spam. I can only stop it by disabling php-cgi.exe.
I have prot 25 blocked on the firewall, I have added script to php.ini to disable mail, I have modified configuration.php and took out all references to mail. But it still continues.
I have read multiple threads for fixing this on a Linux box. All say to add script to php.ini and it will log the mail activity but I can't get it to log in windows. Can anyone give me a simple solution to stop this on a windows box??
Mar 26, 2016 08:18 PM|HostingASPNet|LINK
You could check your server connections to see what PHP script is executed to send email. You could see detailed info in IIS access logs.
After that you could examine the PHP script for compromised code or remove the directly problem script. Also, you could
enable PHP error logging and to check the PHP logs for more info.
Mar 26, 2016 09:41 PM|qwazi|LINK
As I said, I already tried to enable logging and it didn't work.
I've opened MySQL workbench to look at SQL logs and I can't make heads or tails of it.
I don't know how to check server connections to see what PHP script is executed. As I said, I'm a newbie.
A little more simple instructions would be helpful.
Mar 28, 2016 04:39 PM|qwazi|LINK
I've asked 2 questions on this forum. I've gotten vague answers both times and no one follows up if I ask a second question. This forum isn't very helpful.