Contact form (formmail) compromised - what steps are required to deal with this. And how can I stop it happening on my other sites?

Asked by:
billyb Time:
2012-08-21 3:34 pm Category:
Fighting Spam Hits:
382
approx 500 emails sent from my contact form to my own contact email address in a 2 minute period, including "SomeCustomInjectedHeader:injected_by_wvs".

You must login before you can ask a follow up question.

You must login before you can submit an answer.

OTHER ANSWERS

0

arnelc
2012-08-21 4:19 pm
Hello Billyb,

I'm sorry to hear about your problems with the code injection into your emails. I tried to take a closer look at the issue by looking at your files, but there are a number of websites on your account and it's difficult to determine which one may have been involved in this problem. It is very possible that the file in CGI-bin has been corrupted or injected with code. I will include a link for suggestions to help avoid that. Those would be the best suggestions to avoid the issue. Part of the problem is that you also have all of these sites under one account. In order to avoid cross-contamination it would be more secure to have separate accounts. Otherwise, you have to search across multiple website files in one account to find the source of the issue sometimes.

You can also secure the input page for the form mail using a captcha or re-captcha. It just doesn't look like it's happening at that level. If you're still having problems with script right now, my suggestion is to re-download it from a very good source (sourceforge.net is a great place) and then replace the code with newly downloaded one. This way you can see if the infection is happening outside of the form mail script. Try the suggestion in this link and then get back with us if the problem persists.

What to do when your Website is hacked

If you have any further questions, please contact technical support or leave a comment at the bottom of the page.

Regards,

Arnel C.

You must login before you can post a comment about this answer.
Like this Question?

Support Center Login

Have a Question?

If you need some help, submit your question to our Community! We guarantee a response within 60 minutes (8am - 9pm EST, Monday - Friday)

Recent Questions

  1. is there a way to link a picture from an image gallery page to the specific item in eshop?
  2. Wordpress 404 error
  3. email blocked from specific client

Support Center Search

Current Customers

Email: support@WebHostingHub.com Ticket: Submit a Support Ticket
Call: 877-595-4HUB (4482)
757-416-6627 (Intl.) 		Chat: Click To Chat Now

Ask the Community

Get help with your questions from our community of like-minded hosting users and Web Hosting Hub Staff.

Not a Customer?

Get web hosting from a company that is here to help.