心晴 发表于 2014-6-3 23:22:37

账号被禁止了,这是什么问题呢

We have unfortunately been forced to disable your account aaa.org as it was found to be sending spam/UCE. Spam is a very serious offense and it risks not only the integrity of your account/domain but our entire network.

In our experience, accounts found to be sending spam are compromised due to outdated/unmaintained software, scripts, or plugins. It is also very common to see email accounts compromised due to poor password policy or an infected system/computer on your local network. More details specific to your account will be provided in our next reply.

As soon as you contact us and provide details about how you're going to fix the problem we'll enable your account. We will then work with you to enhance your site security, provide advice on how to avoid sending spam in the future, and clear up any other remaining problems. Thank you in advance for your cooperation.、

说什么垃圾邮件,不明白到底是啥意思,有谁碰到同样的问题呢?谢谢了。



补充内容 (2014-6-4 08:34):
请教按这样是插件引起的吗
{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/themes/twentythirteen/defines.php
{HEX}php.cmdshell.unclassed.352 : /home/handmix...

补充内容 (2014-6-4 08:46):
是我网站被人接黑了还是自己安装插件的问题呢?

liwoonゞ 发表于 2014-6-3 23:54:52

你的网站被别人用来发垃圾邮件了,把网站的漏洞补上

lcxpmp 发表于 2014-6-3 23:56:43

你的站给黑了,看看是否装了某些插件有问题,现在是给人家利用你的空间群发spam了!

happyhql 发表于 2014-6-4 00:04:30

可怜的孩子。这事也让你碰到了。你的站有收入了吗。

月光飞燕 发表于 2014-6-4 00:26:46

可以挽回的,让你回复,它给你说更多的fix细节

regent 发表于 2014-6-4 01:09:47

我遇到过 回复就好了            

心晴 发表于 2014-6-4 08:26:09

liwoonゞ 发表于 2014-6-3 23:54 static/image/common/back.gif
你的网站被别人用来发垃圾邮件了,把网站的漏洞补上

我一回来打开网站就这样了,回复了,现在恢复了,可是我不知道以后如何预防这样的问题,也不知道为什么会导致这样的问题。我插件都是从后台直接安装的,搞不懂是怎么回事了。。

清凉小雪碧 发表于 2014-6-4 08:27:24

心晴已经做到站步了啊。厉害厉害。

心晴 发表于 2014-6-4 08:31:26

lcxpmp 发表于 2014-6-3 23:56 static/image/common/back.gif
你的站给黑了,看看是否装了某些插件有问题,现在是给人家利用你的空间群发spam了!
...

网站现在都全部清空了,得重装了,杯具呀,我都是后台直接安装的插件,这样也会有问题吗?

{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/themes/twentythirteen/defines.php
{HEX}php.cmdshell.unclassed.352 : /home/handmixe/public_html/aaa.com/wp-content/themes/twentyfourteen/config.php
{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/themes/twentytwelve/css/proxy.php
{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/plugins/akismet/views/dirs.php
{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/plugins/akismet/class.akismet-widget.php
{HEX}php.mailer.unclassed.507 : /home/handmixe/public_html/bbb.com/wp-content/plugins/tablepress/i18n/datatables/sty1es.php

You were sending spam from the following directory:

/home/handmixe/public_html/aaa.com/wp-includes/js/tinymce/utils




心晴 发表于 2014-6-4 08:33:25

happyhql 发表于 2014-6-4 00:04 static/image/common/back.gif
可怜的孩子。这事也让你碰到了。你的站有收入了吗。

{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/themes/twentythirteen/defines.php
{HEX}php.cmdshell.unclassed.352 : /home/handmixe/public_html/aaa.com/wp-content/themes/twentyfourteen/config.php
{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/themes/twentytwelve/css/proxy.php
{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/plugins/akismet/views/dirs.php
{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/plugins/akismet/class.akismet-widget.php
{HEX}php.mailer.unclassed.507 : /home/handmixe/public_html/bbb.com/wp-content/plugins/tablepress/i18n/datatables/sty1es.php

You were sending spam from the following directory:

/home/handmixe/public_html/aaa.com/wp-includes/js/tinymce/util

嗯,是呀,虽然还没收入,但是是我非常重视的站,文章都是我自己一个字一个字写的。。每篇文章都力求尽自己最大的努力,现在也不知道以后如何预防这样的问题,能请教下吗?,谢谢了。

拾荒者 发表于 2014-6-4 08:33:46

关闭25端口修改root端口修改root密码 检测程序并升级,扫描恶意文件.

心晴 发表于 2014-6-4 08:35:23

月光飞燕 发表于 2014-6-4 00:26 static/image/common/back.gif
可以挽回的,让你回复,它给你说更多的fix细节

{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/themes/twentythirteen/defines.php
{HEX}php.cmdshell.unclassed.352 : /home/handmixe/public_html/aaa.com/wp-content/themes/twentyfourteen/config.php
{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/themes/twentytwelve/css/proxy.php
{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/plugins/akismet/views/dirs.php
{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/plugins/akismet/class.akismet-widget.php
{HEX}php.mailer.unclassed.507 : /home/handmixe/public_html/bbb.com/wp-content/plugins/tablepress/i18n/datatables/sty1es.php

You were sending spam from the following directory:

/home/handmixe/public_html/aaa.com/wp-includes/js/tinymce/util

请教下出现这样的情况我以后如何预防呢?也不知道是什么插件引起的。。或者说是什么主题,我也就直接从后台安装的插件。。。搞不懂了。



心晴 发表于 2014-6-4 08:36:15

regent 发表于 2014-6-4 01:09 static/image/common/back.gif
我遇到过 回复就好了

那我如何预防以后的这种情况发生呢?不知道是为什么发生。。要不然以后账号又得被禁止了。
{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/themes/twentythirteen/defines.php
{HEX}php.cmdshell.unclassed.352 : /home/handmixe/public_html/aaa.com/wp-content/themes/twentyfourteen/config.php
{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/themes/twentytwelve/css/proxy.php
{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/plugins/akismet/views/dirs.php
{HEX}base64.inject.unclassed.7 : /home/handmixe/public_html/aaa.com/wp-content/plugins/akismet/class.akismet-widget.php
{HEX}php.mailer.unclassed.507 : /home/handmixe/public_html/bbb.com/wp-content/plugins/tablepress/i18n/datatables/sty1es.php

You were sending spam from the following directory:

/home/handmixe/public_html/aaa.com/wp-includes/js/tinymce/util

谢谢了

心晴 发表于 2014-6-4 08:36:58

拾荒者 发表于 2014-6-4 08:33 static/image/common/back.gif
关闭25端口修改root端口修改root密码 检测程序并升级,扫描恶意文件.

我买的是主机,应该设置不了这些吧?

liwoonゞ 发表于 2014-6-4 09:54:22

心晴 发表于 2014-6-4 08:26 static/image/common/back.gif
我一回来打开网站就这样了,回复了,现在恢复了,可是我不知道以后如何预防这样的问题,也不知道为什么会 ...

You were sending spam from the following directory:

/home/handmixe/public_html/aaa.com/wp-includes/js/tinymce/utils

你应该是被别人利用 “tinymce漏洞”黑了,百度下“tinymce漏洞”,找个补丁补上或是换一个编辑器,
最好把这个文件夹设不可写,再查找有没有小马或大马。可以用“eval” 查找下

心晴 发表于 2014-6-4 10:26:26

liwoonゞ 发表于 2014-6-4 09:54 static/image/common/back.gif
You were sending spam from the following directory:

/home/handmixe/public_html/aaa.com/wp-include ...

文件全部被清空了,现在没马了,不过你说的eval是什么? 。。。谢谢了。

yangjianfeng 发表于 2014-6-4 12:29:37

心晴 发表于 2014-6-4 10:26 static/image/common/back.gif
文件全部被清空了,现在没马了,不过你说的eval是什么? 。。。谢谢了。

...

装一下杀毒软件什么的。。。。

心晴 发表于 2014-6-4 12:32:05

yangjianfeng 发表于 2014-6-4 12:29 static/image/common/back.gif
装一下杀毒软件什么的。。。。

我买的是虚拟主机,装不了吧。。

yangjianfeng 发表于 2014-6-4 13:01:42

心晴 发表于 2014-6-4 12:32 static/image/common/back.gif
我买的是虚拟主机,装不了吧。。

虚拟主机后台都有杀毒软件的,Cpnal界面好像都有的,还有WordPress本身也有,你可以扫一下,看看漏洞在哪里
方法:
(1)Cpanel 面板下面有个杀毒选项,可以进行全目录杀毒。

(2)上传你的主题到virustotal.com 60M以内免费查杀。

(3)用TAC插件http://wordpress.org/plugins/tac/

(4)用Wordfence Security http://wordpress.org/plugins/wordfence/
查看漏洞,然后堵住

心晴 发表于 2014-6-4 13:15:10

yangjianfeng 发表于 2014-6-4 13:01 static/image/common/back.gif
虚拟主机后台都有杀毒软件的,Cpnal界面好像都有的,还有WordPress本身也有,你可以扫一下,看看漏洞在哪 ...

嗯,谢谢你的建议,之前的没有备份,现在图片显示不了了。。。看样子网站第一步安全最重要。

页: [1] 2
查看完整版本: 账号被禁止了,这是什么问题呢