Cach Doan

I just did another task over 1k emails. (I have 21k members in my community) I have over 21k members and about 70% of them subscribed to the newsletter.

Anyway, I just sent a bulk email out to 668 members without any issues. Here's the proof from invision power Here's my Amazon SES quota. I did it twice:

What was your rate for emails per second on your Amazon SES account that you can use push through several hundreds email per task? Also when you said several hundreds, how many hundred? Can I go 500 at a time?

Sorry for bringing this up again. I need to send emails to over 13,000 people who want to get my newsletters and updates. My Amazon SES account lets me send only 14 emails every second. What should I do to send them out efficiently? If I set it to send 10 emails every second, I think I can send all 13,000 emails in about 22 minutes. So far I haven't found a way to do this with invision power board. I hope someday there is an update and there is an option we can do this.

Are you utilizing a Virtual Private Server (VPS)? Some VPS providers may block the SMTP port as a standard measure. If this applies to your situation, you can submit a support ticket requesting the unblocking of the SMTP port. Be prepared to provide evidence supporting your specific use case scenario.

I've received private messages from several individuals inquiring about the steps I took during this process. So, for anyone else who may come across this topic in the future and have similar questions, here's my response: I'm not entirely sure of the problem's origins myself. I recently eliminated my entire WordPress website because it's no longer active and unnecessary. In fact, I didn't even conduct a virus scan on the WordPress site; I simply erased all of its contents. (I did see way much more random malware files on the wordpress site's files compared to Invision Community) Regarding the Invision community, I downloaded all its files onto my computer and then ran them through several antivirus programs for a thorough check. For instance, I used Bitdefender to scan the folder with my Invision board's backup. Following that, I uninstalled Bitdefender and repeated the process with a different antivirus software, ensuring that if Bitdefender missed anything, the other would likely detect it. I did this three times, using Bitdefender, Avast, and Kaspersky. As for the WordPress situation, I've observed on YouTube that people simply update everything to the latest versions and use a plugin called Wordfence to scan for any potential viruses. Additionally, you can download WordPress onto your computer and scrutinize all the files, similar to what I did with the Invision community. Here's the link to Wordfence: https://wordpress.org/plugins/wordfence/ This plugin even scrutinizes the database to guarantee that there's nothing harmful in it. However, I didn't utilize it since I had already removed the WordPress site.

I'd like to share an update: I managed to eliminate the malware from my system by completely removing my WordPress site, which was located in the root directory of my hosting account. The source of this malware was predominantly an outdated WordPress plugin. For future reference, I will not host WordPress on the same hosting account as my Invision Community. Since I own a dedicated server, I can create multiple user accounts and host WordPress separately on one of them. I executed a comprehensive cleanup of all infected files. This involved downloading all the files to my personal computer, conducting a thorough scan using various antivirus software—primarily Bitdefender Free, Avast, and Kaspersky Free—to eradicate and repair all infected files. After the cleanup, I reuploaded them to my server, without the WordPress sites.

Question: Is an empty index.html in some of the directory normal? I see those files. Do you guys have it? I hope it's not related to the malware since I am on a new server.

Update: I moved my entire site to another server. I got a free trial from Kamatera for 30 days just to test out if the malware will replicate or create more malware files on the new server. Before I made the move, I download all files to my local computer and scan it with avast, and this is what I found: Don't mind the folder "SYNC2" because that's the folder I sync all the files from the root directory to my local computer. the .ott file here is the main thing malware that we talked about this topic. I made sure to delete all of the files before I reupload all the files to the new server. Now this site is running by itself on the entire VPS server, so if there is any replication of malware, we will know for sure that the malware come from my invision power board directory and not from other WordPress site since there are no WordPress site running on this VPS. I re-install the "Movies" app after my site is running on the new VPS server, but so far no malware showing up. Let's wait for at least 24 hours and see if anything show up. If however, I can't resolved this issue on my own, I would like to move my site to the cloud, so that invision team will assist me to fix the issue? Then I can move back to my own server once it's fixed? Because I heard that once the files are on the cloud, all the malwares are not going to work. Meanwhile, I can't even access my dedicated server, it's now completely dead. I can't access any of the files. Luckily I have daily backup of my entire server on a daily basis and that was how I was able to upload files and database to the new server.

This is very useful information! I will take a look at that. I got a pm from someone here that offers to help me out. I appreciate all of your help.

I believe it's not the "Movies" app, but when installing the movies app, it might have call another PHP or function in the process, and that process or PHP file already infected, which is not related to any of the files from Movies. Because I know that IPS take a look at the source files for Movies before approving it.

I am transferring the forums to a new hosting service, and see if it can resolve the issue on its own without having to share any resources with other site, basically just by itself. I'll update you guys for more tips. I don't have no one to contact to because it is a dedicated server located at a datacenter. It's not hosting company, I manage everything. I have access to root. It's running on Centos7 linux with Centos Web Panel. I can definitely check the logs but I am not too good at it to figure out where the backdoor is. But what I am going to do now is just to move the entire site to a VPS temporary and see if the infection is back if it's by itself on another server. If there is no more viruses/malwares, i will format my server and do reinstall OS and everything then move the site back to the dedicated server. I know it'sa lot of work, but I don't really know where to find the backdoor, unless there's someone here that is willing to help me.

ok thank you for letting me know. I will go ahead and copy and replaced all the files. Thank you for your help.

Will reinstalling everything from the marketplace automatically give me all the files, then my database will automatically fixed it? like customize it I am worried if I don't do a fresh install of everything, I might accidentally copied the malware if I can't find it yet to the new host. Or is this something I shouldn't be worried about? Yes, there are other wordpress that were outdated, but I have removed it entirely since I don't need that site anymore, and yet the virus/malware still comes back.

I am installing it from the market directly. I would tell the author, however, I can't really sure if it was the "Movies" app that cause this or just the movie app that call a function or a php during the installing that is already existed on my server. So I can't really tell at this time if it was the app "Movies" or something else. I will keep you guys updated how I am resolving it. At the moment, it's back even without the "Movies" app. I just need to find the root of this. Meanwhile I am fresh installing my forums on another server to removed any unknown files. Can you guide me how to do this? My thoughts are: 1. Set up a new server, fresh installing Invision Power Board 2. Copy the upload folder? Because that's the files that user uploaded, like images, avatar, attachment. 3. I will reinstall the themes fresh, and also the plugins and apps fresh from the market place (not using the backup files since it might be infected) 4. Alfter all of that, I will simply Import and replace the new database with the old database (my backup mysql) Is this the correct steps? This way it is to ensure all the files are fresh, except the upload folders , since that folder is important since all the files are there. I will also scan the upload folders with my antivirus software on my computer to make sure there are no viruses. Let me know if I can do this? @Marc Stridgen