Welcome to WebmasterWorld Guest from 126.96.36.199 , register , free tools , login , search , pro membership , help , library , announcements , recent posts , open posts Become a Pro Member
spammer on server, can't find the script Hammer65
Msg#: 3971532 posted 9:48 pm on Aug 13, 2009 (gmt 0) I have a cpanel server that apparently has a PHP script sending spam. There are quite a few accounts on the machine and I can't seem to find the script that is doing it. Any suggestions on how to track it down?
Msg#: 3971532 posted 6:32 am on Aug 14, 2009 (gmt 0)
You can try this in the directory: find ./ -name *.php ¦ xargs grep -w "mail("
This will search for any PHP files containing the mail() function. From there, you can get an idea of which scripts are sending emails out.
If it's a script that allows visitors to send emails out (such as a 'email this' or 'share this'), a captcha may be needed so bots can't abuse it.
Msg#: 3971532 posted 6:39 am on Aug 14, 2009 (gmt 0)
Also found "How To Log Emails Sent With PHP's mail() Function To Detect Form Spam". Then you can read the logs. I have not tried this, but looks like a good idea.