Community Q&A:
Contact form (formmail) compromised - what steps are required to deal with this. And how can I stop it happening on my other sites?
approx 500 emails sent from my contact form to my own contact email address in a 2 minute period, including "SomeCustomInjectedHeader:injected_by_wvs".
ANSWERS
|
0
|
Hello Billyb, I'm sorry to hear about your problems with the code injection into your emails. I tried to take a closer look at the issue by looking at your files, but there are a number of websites on your account and it's difficult to determine which one may have been involved in this problem. It is very possible that the file in CGI-bin has been corrupted or injected with code. I will include a link for suggestions to help avoid that. Those would be the best suggestions to avoid the issue. Part of the problem is that you also have all of these sites under one account. In order to avoid cross-contamination it would be more secure to have separate accounts. Otherwise, you have to search across multiple website files in one account to find the source of the issue sometimes. You can also secure the input page for the form mail using a captcha or re-captcha. It just doesn't look like it's happening at that level. If you're still having problems with script right now, my suggestion is to re-download it from a very good source (sourceforge.net is a great place) and then replace the code with newly downloaded one. This way you can see if the infection is happening outside of the form mail script. Try the suggestion in this link and then get back with us if the problem persists. What to do when your Website is hacked If you have any further questions, please contact technical support or leave a comment at the bottom of the page. Regards, Arnel C. |
Want to share this Question?
Tweet
Help Center Login
Related Articles
It looks like there are no related articles.
Would you like to ask a question about this page? If so, click the button below!
