EraHost - free domain & cheap host

CONTROL PANEL

CONTROL PANEL

Login:

Password:

Forgot password?
SUPPORT
SUPPORT

Possible solutions of your questions

<< Previous php_mail

Question:	Hello!Please enable php_mail, it is now inactive on my accounte.well I have found and eliminated what was the reason for hacking and spamming in my absence.
Answer:	Hello. please Wait, the request is sent to the administrator.
Answer:	Hello. update when You solved the problem
Question:	three or four days ago.
Answer:	please Wait, your issue is being dealt with.
Answer:	please tell us what exactly you did to solve the problem
Question:	My spam went through the shell. First, someone hacked into the admin area of the blog, then changed 404.php in the pattern, adding to such a form.Done ==> $userfile_name\";}}else{echo` `;}?>+ some folders in the root of the site I found with rights that differ from the standard.
Question:	By the way note how the form works perfectly!
Answer:	please wait, Your issue is being dealt with.
Question:	What do we decide?I don`t do spam, and I don`t have and are unlikely to be reasons for doing it is neither here nor servers which are specially designed for this purpose.The fact that I have at the moment, users are unable to register on the site, some content is hidden from bots, and some users in error are bots, they need to register to have access to the full content.
Question:	Now neither registration nor a password recovery do not work because they are tied to this php_mail
Answer:	it`s not that you are personally doing is spam or not. but the fact that spam was engaged through your site . you wrote that the spam went through right, but the shell itself does not appear, you found the cause, what actions were made that this would again. here`s an example report office office which audited one of the sites List of procedures 1. The site is scanned for all types of malicious code, viruses, and hacker scripts. Detected and terminated hacking scripts and insert malicious code in the following files: • ./wp-includes/wp-undreamed.php • ./wp-content/plugins/lnc.php 2. Closed vulnerability in the script recepty/wp-content/themes/BlogPost/timthumb.php 3. On the website is protected from hacking “cms hardening" ("cementing" of the site) closing a vulnerability in the scripts and eliminates the possibility of hacking the website via attack through the web. Details of the protection can be read on the page http://revisium.com/ru/clients_faq/#q4 in particular performed the following: • to enhance security, denied entry to all directories, also upload, image, tmp, cache, backup. All the cms files and templates made “read only”. This measure protects against unauthorized file changes and load into the system catalogs of hacker scripts and shells. • all directories allowed on the entry, placed a special .htaccess file that blocks access the scripts. The measure eliminates the possibility of unauthorized execution of the script .php loaded in the directory upload/image/tmp, etc. • From the server, removed all the unused text files .txt, .log, which contain the version of cms and plugins. The information contained in these files helps the hacker to identify which version of the CMS and, as a result, vulnerability and plugins. So leave such files on the server unsafe. • in the root .placed htaccess code to prevent model hack attack: XSS, SQL injections, remote file downloads, attempts read system files, dump files, and configured protection automatic download of content and a number of other safety regulations. • in the config file wp-config.php added site settings to prevent changes to system files and templates through administration panel of the CMS. 4. Access to the CMS administration console protected by an additional password protection. This measure closes a number of vulnerabilities in control panel administrative directory, and not allows you to log attacker even knowing the username and password of the administrator.