Web site is infected

Started by keith.bowman, Nov 02, 2022, 12:28 AM

Previous topic - Next topic

keith.bowmanTopic starter

Colleagues, good day!
A couple of days ago, trouble happened. One of our web sites seems to have been infected with a virus. Apparently they broke it, introduced Trojans into it and now it's even "more fun".
The domain on which website is bolted to our mail server and today a threatening letter came from the service, where our DNS zone for the mail server, and the entire hosting of all sites, that we are given 48 hours to fix the problem, because spam is coming from our IP. Then block it. Apparently someone complained to them about us.

How to treat sites in general. I have never been involved in the treatment of sites (.  there is FTP access there.
Also checked site through mxtoolbox shows that we are on the Truncate blacklist.
Please help me figure out how to get rid of the infection and not get blocked.


Suppose that your website on a Joomla of some kind.
Such sites have the right to exist only if you made it, and then put it on the directory recursively -windows—é
Come on, they shoved a php file that uses cms phpmail and is sent locally from web hosting. In the ISP, block all the mail and sort it out.

In my personal experience, I have done several sites on WP "on smoke breaks". The bots didn't break any. Spammbots in comments and other submit fields are a vulnerability of any dechman CMS, so we do not consider it.
But a couple of web sites on Joomla  broke all the Chinese bots of Jin hui province within a month after publication.

In short, at your peak, I see only one thing - WP has more known holes and they are either already patched or patched in patches.
And nobody gives a shit about Joomla , including the developers. Nobody is looking for holes, nobody wants to patch them.