Igor Kokarev Posted May 30, 2016 Share Posted May 30, 2016 Hi, I updated my forum to latest v4.1.12.1 once I've received email notification 2-3 days ago. Yesterday my web hoster informed me that my server contains "finishing" pages. I discovered /login folder in the root with many unknown PHP files. So I deleted it. Then my SMTP server Postfix started to send many spam emails (around 100'000 per day!). And I don't know who sends this spam. I tried to compare my forum files with new installation files - no lack. I see differences in some folders /datastore, /cache and some others. So I have no idea where is deleterious script. I always instantly updated Invision forum. All configuration files are protected, I disabled dangerous PHP functions on my VPS. I have renamed /admin folder with password protection. My VPS uses CentOS. So I have no idea how to stop it. Link to comment Share on other sites More sharing options...
Adlago Posted May 30, 2016 Share Posted May 30, 2016 Test virus, for example https://online.drweb.com/?url=1 Link to comment Share on other sites More sharing options...
Ahmad E. Posted May 30, 2016 Share Posted May 30, 2016 PM me if you want me to take a quick look for you. Link to comment Share on other sites More sharing options...
Igor Kokarev Posted May 31, 2016 Author Share Posted May 31, 2016 Thanks for your advices. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.