Welcome to WebmasterWorld Guest from 18.104.22.168 , register , free tools , login , search , pro membership , help , library , announcements , recent posts , open posts Pubcon Platinum Sponsor 2014
spammer on server, can't find the script Hammer65
I have a cpanel server that apparently has a PHP script sending spam. There are quite a few accounts on the machine and I can't seem to find the script that is doing it. Any suggestions on how to track it down?
You can try this in the directory: find ./ -name *.php ¦ xargs grep -w "mail("
This will search for any PHP files containing the mail() function. From there, you can get an idea of which scripts are sending emails out.
If it's a script that allows visitors to send emails out (such as a 'email this' or 'share this'), a captcha may be needed so bots can't abuse it.
Also found "How To Log Emails Sent With PHP's mail() Function To Detect Form Spam". Then you can read the logs. I have not tried this, but looks like a good idea.