- Posts: 5
COMMUNITY FORUM
Fake users
- Kel
-
Topic Author
- Offline
- New Member
Less
More
10 years 5 months ago #135188
by Kel
Fake users was created by Kel
Hi guys,
I just received a message that my webhosting has suspended my domain because there are spammers which are using my email from my website.
They did this trough the K2 Component: public_html/media/k2/users
How can I fix this issue?
Thanks!
I just received a message that my webhosting has suspended my domain because there are spammers which are using my email from my website.
They did this trough the K2 Component: public_html/media/k2/users
How can I fix this issue?
Thanks!
Please Log in or Create an account to join the conversation.
- Krikor Boghossian
-
- Offline
- Platinum Member
Less
More
- Posts: 15920
10 years 4 months ago #135222
by Krikor Boghossian
Replied by Krikor Boghossian on topic Fake users
Enable captcha on registration forms so spammers cannot register. The setting is called "Enable reCaptcha on registration form" and it is located in K2's advanced settings.
Please Log in or Create an account to join the conversation.
- Kel
-
- Offline
- New Member
Less
More
- Posts: 5
10 years 4 months ago #135230
by Kel
Replied by Kel on topic Fake users
Good morning Krikor,
I think I managed to enable the reCaptcha, to be sure.
But the problem is that they don't really register on the website, but somehow they can use my e-mail and send 1000 of emails to others.
I guess there must be a leak somewhere. Do you have any tips for this?
Thanks!
I think I managed to enable the reCaptcha, to be sure.
But the problem is that they don't really register on the website, but somehow they can use my e-mail and send 1000 of emails to others.
I guess there must be a leak somewhere. Do you have any tips for this?
Thanks!
Please Log in or Create an account to join the conversation.
- Krikor Boghossian
-
- Offline
- Platinum Member
Less
More
- Posts: 15920
10 years 4 months ago #135233
by Krikor Boghossian
Replied by Krikor Boghossian on topic Fake users
Check to see if your site has been compromised.
K2 cannot send mass mails, the most probable scenario is that your site has been hacked.
K2 cannot send mass mails, the most probable scenario is that your site has been hacked.
Please Log in or Create an account to join the conversation.
- Kel
-
- Offline
- New Member
Less
More
- Posts: 5
10 years 4 months ago #135238
by Kel
Replied by Kel on topic Fake users
Hey Krikor,
Sorry for posting these questions here. When I looked yesterday in the email usage in DirectAdmin, they used a path which leaded to K2.
Currently I am using Joomla 3.2.3, would it be smart (I guess so) to update it?
Thansk again!
Sorry for posting these questions here. When I looked yesterday in the email usage in DirectAdmin, they used a path which leaded to K2.
Currently I am using Joomla 3.2.3, would it be smart (I guess so) to update it?
Thansk again!
Please Log in or Create an account to join the conversation.
- Krikor Boghossian
-
- Offline
- Platinum Member
Less
More
- Posts: 15920
10 years 4 months ago #135240
by Krikor Boghossian
Replied by Krikor Boghossian on topic Fake users
Of course, always keep your site and extensions up to date.
The folder that they are using public_html/media/k2/user indicates that your site is indeed compromised.
The folder that they are using public_html/media/k2/user indicates that your site is indeed compromised.
Please Log in or Create an account to join the conversation.
- Kel
-
- Offline
- New Member
Less
More
- Posts: 5
10 years 4 months ago #135243
by Kel
Replied by Kel on topic Fake users
Strange that this happens, but I will try to update Joomla to the latest. Hopefully they will end with spamming.
Thanks for your help so far Krikor!
Thanks for your help so far Krikor!
Please Log in or Create an account to join the conversation.
- Krikor Boghossian
-
- Offline
- Platinum Member
Less
More
- Posts: 15920
10 years 4 months ago #135258
by Krikor Boghossian
Replied by Krikor Boghossian on topic Fake users
Have your hosting provider tell you which file is sending these mails so you can delete it.
Please Log in or Create an account to join the conversation.
- Kel
-
- Offline
- New Member
Less
More
- Posts: 5
10 years 4 months ago - 10 years 4 months ago #135276
by Kel
Replied by Kel on topic Fake users
Maybe for other users this come in handy some day:
I did take my Joomla files from the server and copied to local computer. I scanned it with my antivirus-scanner and it found 2 malware.
Deleted those files, they were located in the temp folder.
Besides that I did secure my website better, doing the following:
Update Joomla to a newer version
Deactivated registration (if you don't need it)
Activated Recaptcha (To be sure)
Scan your files for virus and delete them
Reset the rights of your folders and files (755 for folders and 644 for files)
Secure your administrator-area with a extra username and password (Can be done in DirectAdmin)
Change all your passwords
Block the ip trough the .htacces (Ip could be find in your website logs)
I hope this would help!
I did take my Joomla files from the server and copied to local computer. I scanned it with my antivirus-scanner and it found 2 malware.
Deleted those files, they were located in the temp folder.
Besides that I did secure my website better, doing the following:
I hope this would help!
Last edit: 10 years 4 months ago by Kel.
Please Log in or Create an account to join the conversation.