Announcement:
Hi all,
Earlier today, this site went down for a few hours because my account was deactivated by Bluehost! I got an email about it from them, saying that SpamHaus.org blacklisted my site and asked me to call them about it. It was rude for them to deactivate my account without warning. So I called Bluehost TOS department. They told me that my site server was used to send out large volumes of spam mail using a technique called "snowshoe spamming".
http://www.wisegeek.com/what-is-snowshoe-spamming.htm
Bluehost reactivated my account, but they warned me that if it happens again, I'll have to find another webhost. Apparently, someone hacked into our mail server and used it to send out tons of spam mail. I'm not sure how. Maybe by hacking into my account or email or installing malware on this site. Either way, they instructed me to deactivate my mail servers until I trace down the malware using one of their programs, or another way. So I've done that for now. This means that you won't receive any email notifications from the forum for now, until I get this thing fixed and sorted out. Then I'll have to check the mail server logs to see if it's still sending out spam. I'll also have to change my webhost account passwords too of course, in case those were hacked as well.
I'm sure not how this happened, or whether dark forces are targeting this site, or whether we were just the victim of a mass snowshoe spam attack that was widespread across many IP's and not specifically designed to target us.
Any of you know anything about this or have any suggestions? I'll update you all if I find out anything.
HA shut down after mail server was hacked by spammers!
Moderators: fschmidt, jamesbond
Forum rules
Welcome. If you are new here, please read the Forum Rules.
Welcome. If you are new here, please read the Forum Rules.
HA shut down after mail server was hacked by spammers!
Check out my FUN video clips in Russia and SE Asia and Female Encounters of the Foreign Kind video series and Full Russia Trip Videos!
Join my Dating Site to meet thousands of legit foreign girls at low cost!
"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
Join my Dating Site to meet thousands of legit foreign girls at low cost!
"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
Meet Loads of Foreign Women in Person! Join Our Happier Abroad ROMANCE TOURS to Many Overseas Countries!
Meet Foreign Women Now! Post your FREE profile on Happier Abroad Personals and start receiving messages from gorgeous Foreign Women today!
Re: HA shut down after mail server was hacked by spammers!
Update:
After Bluehost support scanned my site for malware and found none, they reinstated my mail server. So you should now be receiving forum emails and notifications again. So far, the mail spammers and hackers have not come back. But I will have support monitor the mail server logs to see if they return. I don't know how they hacked our mail server in the first place. So it's hard for me to know how to prevent it. That's the problem. Anyone have any idea?
Do you think we should encrypt this site with SSL certificates so that our address starts with https rather than http? Is this necessary? Would it help protect against hackers? Anyone know anything about this? I'm referring to this:
https://googlewebmastercentral.blogspot ... ignal.html
After Bluehost support scanned my site for malware and found none, they reinstated my mail server. So you should now be receiving forum emails and notifications again. So far, the mail spammers and hackers have not come back. But I will have support monitor the mail server logs to see if they return. I don't know how they hacked our mail server in the first place. So it's hard for me to know how to prevent it. That's the problem. Anyone have any idea?
Do you think we should encrypt this site with SSL certificates so that our address starts with https rather than http? Is this necessary? Would it help protect against hackers? Anyone know anything about this? I'm referring to this:
https://googlewebmastercentral.blogspot ... ignal.html
Check out my FUN video clips in Russia and SE Asia and Female Encounters of the Foreign Kind video series and Full Russia Trip Videos!
Join my Dating Site to meet thousands of legit foreign girls at low cost!
"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
Join my Dating Site to meet thousands of legit foreign girls at low cost!
"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
Re: HA shut down after mail server was hacked by spammers!
By the way, if any of you run websites, here are some free online tools that checks for malware or malicious scripts on your site.
https://aw-snap.info/file-viewer/
https://sitecheck.sucuri.net/
http://quttera.com/
http://www.unmaskparasites.com/
http://www.sparktrust.com/
https://www.virustotal.com/#url
https://aw-snap.info/file-viewer/
https://sitecheck.sucuri.net/
http://quttera.com/
http://www.unmaskparasites.com/
http://www.sparktrust.com/
https://www.virustotal.com/#url
Check out my FUN video clips in Russia and SE Asia and Female Encounters of the Foreign Kind video series and Full Russia Trip Videos!
Join my Dating Site to meet thousands of legit foreign girls at low cost!
"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
Join my Dating Site to meet thousands of legit foreign girls at low cost!
"It takes far less effort to find and move to the society that has what you want than it does to try to reconstruct an existing society to match your standards." - Harry Browne
Re: HA shut down after mail server was hacked by spammers!
Ya you should watch ALL, I know it might be a bit boring, just the beginning,
YouTube will not parse https, no minor issue,
The mouse over graphics in the navigation bar, obvious errors not fixed for a long time, a very bad sign,
<a onmouseover="setOverImg('14','');" onmouseout="setOutImg('14','');" href="http://www.happierabroad.com/team.php" target=""><img id="button14" src="buttons/undefined" border="0" vspace="1" hspace="1"></a>
just a point to reference
I am no expert, maybe a lot of vulnerable code, I have a bad feeling you may need to re-code the whole site,
scanning for a string of malicious code is not the same as vulnerable code or structure, a scanner will not find this.
YouTube will not parse https, no minor issue,
The mouse over graphics in the navigation bar, obvious errors not fixed for a long time, a very bad sign,
<a onmouseover="setOverImg('14','');" onmouseout="setOutImg('14','');" href="http://www.happierabroad.com/team.php" target=""><img id="button14" src="buttons/undefined" border="0" vspace="1" hspace="1"></a>
just a point to reference
I am no expert, maybe a lot of vulnerable code, I have a bad feeling you may need to re-code the whole site,
scanning for a string of malicious code is not the same as vulnerable code or structure, a scanner will not find this.
משה בן יצחק
-
- Similar Topics
- Replies
- Views
- Last post
-
- 2 Replies
- 2436 Views
-
Last post by Winston
-
- 8 Replies
- 2023 Views
-
Last post by Moretorque
-
- 3 Replies
- 2722 Views
-
Last post by Teal Lantern
-
- 0 Replies
- 1762 Views
-
Last post by zboy1
-
- 0 Replies
- 2147 Views
-
Last post by zboy1
-
- 2 Replies
- 2354 Views
-
Last post by xiongmao
-
- 2 Replies
- 4378 Views
-
Last post by Cornfed
-
- 3 Replies
- 2798 Views
-
Last post by Winston