[BlueOnyx:10153] Re: Trojans and backdoors?
SB9-PageKeeper Service
ml at sb9.com
Tue Apr 17 13:00:15 -05 2012
----- Original Message -----
Subject: [BlueOnyx:10150] Trojans and backdoors?
> Our BlueOnyx system seems to have been compromised by some sort of
> php-based
> Trojan which is allowing spammers to send spam through the webserver.
> We're
> having a hard time tracking it down to a particular virtual site, and
> shutting off php for all users is not an option - besides the people using
> WordPress and shopping carts, the SquirrelMail interface breaks when php
> is
> shut off.
>
> Are there any updates which can help with this? We are using the
> SolarSpeed
> 5106R-PHP-5.3.8-SOL3AV package, and given all the issues we had getting
> the
> two different versions of php to play nice on BlueOnyx, we don't want to
> be
> to aggressive with upgrading.
>
> Also, is there a way to simply block the webserver from sending out on
> port
> 25?
>
> Thank you,
> Darren
> ECPI Western Broadband
> (512)257-1077
> (254)213-6116 fax
>
>
> _______________________________________________
Might check the plugins that wordpress uses. There is a big problem with a
few of them.
WordPress may be the backdoor. Google 'wordpress trojan'.
More information about the Blueonyx
mailing list