Recent content by LuigiMdg

Hi, I've been having a problem with my website since this morning. It's inaccessible due to a 403 error, but I haven't made any updates or changes. Looking at my dashboard, I saw that Plesk automatically updated to Obsidian 18.0.75. I checked that the file and folder owner is correct, and the...

As every time, there are problems during a simple Let's Encrypt renewal.. The system continually tries to make you choose paid options and keeps putting a spoke in the wheels for LE. I'm wondering how to do this as there isn't much to do here, it's all rather banal.

Yes, I'm trying the Google ones but they are poorly designed, I intend to replace it with something lighter but it seems to have solved the problem, although there are no suspicious requests. Do you know any captcha that is light or can be lightened?

However I'm not sure if reCaptcha will solve the problem, because they are entering wrong email addresses, but a few every 1-2 hours.. Maybe I could solve it with Sophos Anti-Virus?

No, but I intend to include it both there and on the contact page. I hope to get it done today, because the only vulnerabilities I've found are injection vulnerabilities via XSS, but they say they've solved it in 2.6.1, I have 2.7.1.. However I realize that we are going OT as it doesn't concern...

I honestly had excluded this possibility, but this seems to be the cause..! I don't know how, but they are exploiting the newsletter module..! The problem is that I'm searching on Google but so far I haven't found much about it and the form is updated to the latest version.

Devices checked with Spybot & Malware Bytes, password changed 9 hours ago, 5 hours ago, new emails queued.. Other ideas? Will we come to a conclusion..?

So it should be enough to change the password after checking that there is no malware on all devices, especially keyloggers?

The only things I have collected in so many hours are only my 2 accesses even though there are 10 emails in the queue.... I would say that this is NOT the right path to follow. But I don't use Outlook but Thunderbird.

Yes, the Server IP is 75.119.154.60 Setted this: https://support.plesk.com/hc/en-us/articles/12377887555479-How-to-identify-spam-source-on-Plesk-for-Linux-Server

But that is the IP of the server.. More clear than that..

This is the new log, I've received undelivered mail at te 21.10pm yesterday: https://pastebin.com/S1J9BWtc

It could have been, but recently I formatted all the devices.. Also I don't see the IP between those lines or am I wrong..?!?

These are the complete lines, but there must be something there since a little while ago there were emails in the queue again. https://pastebin.com/UUpEdCKb

Example: mail.log lines of this night without my IP: