May 30, 2016 in Technical Problems
I updated my forum to latest v220.127.116.11 once I've received email notification 2-3 days ago. Yesterday my web hoster informed me that my server contains "finishing" pages. I discovered /login folder in the root with many unknown PHP files. So I deleted it. Then my SMTP server Postfix started to send many spam emails (around 100'000 per day!). And I don't know who sends this spam.
I tried to compare my forum files with new installation files - no lack. I see differences in some folders /datastore, /cache and some others. So I have no idea where is deleterious script.
I always instantly updated Invision forum. All configuration files are protected, I disabled dangerous PHP functions on my VPS. I have renamed /admin folder with password protection.
My VPS uses CentOS.
So I have no idea how to stop it.
Test virus, for example
PM me if you want me to take a quick look for you.
Thanks for your advices.
This topic is now archived and is closed to further replies.
Started September 8
Started September 4
Started 2 hours ago