August 1, 2015 in Classic self-hosted technical help
Someone keeps adding files into my forums root directory. I received emails from google and another country about phishing going on. I deleted all the suspicious files and folders and even turned the forums offline, in case there is an exploit related to actual posting or uploading or searching or whatever else.
What else can I even do? So far no response from IPS, no response from my host, my host's support system is ridiculous, with buttons not even submitting tickets (until I finally found another place to submit from) and the password reset doesn't even work so I can't change my password sicne I don't remember my old one (I had it stored in the browser).
This is a real mess. What can you really do when nobody answers and your host's site is full of either bugs or intentional ways of not getting things done. I figured if they had my cpanel or ftp passwords, they'd have changed them to lock me out and that hasn't happened but just in case I figured I better change it and now the stupid password reset doesn't even send me an email.
I also see tons and tons and tons and tons of email failure messages where scripts were trying to send emails to bogus people and whatnot.
You are on a shared host or a VPS/Server?
shared. the host had sent a message/opened a ticket about this, also, but for some reason they don't even send me emails saying a ticket was opened, so I didn't even know they were aware of this. All they did was delete like one folder and left a bunch of other crap. So they obviously aren't figuring anything out. With the forum disabled, and still them doing it, obviously they have access in some way, whether it be by password or something I am missing. looked everywhere that had recent changes. Maybe there is some sort of backdoor putt here long ago that I am not finding. I am certainly no expert on this.
Someone changed my password like 24 hours ago (maybe me when I used the reset password form, yet it never told me the new temp password or gave any link to change it!) and the dumb host hasn't even responded to me still. Who knows what these loser hackers are doing at the moment. Maybe whoever changed it wasn't them and they are locked out, but they probably already added more backdoor files before it was changed and I can't get on the freakin ftp to get them off since I don't know the pw either.
This topic is now archived and is closed to further replies.
Started 21 hours ago
Started Wednesday at 10:03 PM
Started November 17, 2023