• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Plesk css file has hack code sending emails. How do you see number of emails sent?

B

BernieH

Guest
We have encountered hackers placing a email sending program within the css folder of Plesk. Have you run into this problem before and if so do you have any idea of how they get the file placed within the Plesk files for the given URL? Also do you know of any way to see a report of the number of emails being sent from a specific URL or all URL's on our server? Thank you in advance for answering these questions. God Bless, Bernie
 
I would consider the following:

Not neccesarily done in this order but you get the point.

1. Check your firewall (if you have any for ports that may be open and not needed)
2. Secure your directory structure by chmod things. Giving the correct permissions.
3. Running various rootkit scans and virus scans.
4. Changing passwords to all accounts especially the admin for psa and the server root account.
5. disable root access via ssh and use a separate account to login then sudo or su to things.
6. Make sure your box is to date on packages running and uninstall things you don't need. (For example if it's a plesk server you have no reason to run open office on it.) Do not confuse backporting with packages not being the latest version if you're using a distro of linux that backports.

Also check the /var/log folder and view any logs there for some insight.

God bless you too!
 
Back
Top