[irony] Two days after I bought BPS Pro, but a day before I installed it, my client’s site was hacked.[/irony]
I’m trying to keep my client’s site afloat, but I’m finding BPS Pro overwhelming. I feel like I’m learning under trial by fire! I hope you won’t mind a little hand-holding.
My client’s site was deactivated by Siteground due to malware.
I deleted the client’s site and restored it from a backup I assumed to be good. I changed my cPanel/FTP password and deleted all user accounts except mine, changing the password on that. I am having some issues and want to make sure I’m not still infected, or reinfected, etc. Siteground has pronounced it clean and reactivated it. I have since installed the gotmls.net Anti-Malware plugin and have fully scanned the site.
I have several issues that I’ll address independently but here is the main one.
The main issue (so far) is the file “php_mail.log” which keeps showing up in my public_html directory and gets immediately quarantined. It’s happening every few minutes so the quarantine files grow to several hundred in a very short time–hundreds a day.
I’ve looked at the file itself and it seems benign. It seems to note only emails being sent to me either by BPS Pro or BackupBuddy. I’ve included the last 9 entries below, but they are mostly identical to the rest, only the dates are different. (In the attached snip, I’ve changed my actual email address to me @ myemail.com.)
Can anyone tell me what’s going on? What can I do about this?
[26-Sep-2015 14:18:46 UTC] mail() on [/home/gzddev64/public_html/wp-includes/class-phpmailer.php:652]: To: me@myemail.com -- Headers: Date: Sat, 26 Sep 2015 14:18:46 +0000 From: BackupBuddy <me@myemail.com> Message-ID: <779776eeacf81185d9df331dfda779f8@www.gzddev.com> X-Priority: 3 X-Mailer: PHPMailer 5.2.10 (https://github.com/PHPMailer/PHPMailer/) Reply-To: me@myemail.com MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit

[27-Sep-2015 21:41:23 UTC] mail() on [/home/gzddev64/public_html/wp-includes/class-phpmailer.php:652]: To: me@myemail.com -- Headers: Date: Sun, 27 Sep 2015 21:41:23 +0000 From: BackupBuddy <me@myemail.com> Message-ID: <8833bc92ba8d4297db4791addd42a666@www.gzddev.com> X-Priority: 3 X-Mailer: PHPMailer 5.2.10 (https://github.com/PHPMailer/PHPMailer/) Reply-To: me@myemail.com MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit

[28-Sep-2015 20:10:17 UTC] mail() on [/home/gzddev64/public_html/wp-includes/class-phpmailer.php:652]: To: me@myemail.com -- Headers: Date: Mon, 28 Sep 2015 20:10:17 +0000 From: WordPress <wordpress@gzddev.com> Message-ID: <e9aaa2252b03c654ce0281b2b1b3fbcc@www.gzddev.com> X-Priority: 3 X-Mailer: PHPMailer 5.2.10 (https://github.com/PHPMailer/PHPMailer/) MIME-Version: 1.0 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 8bit