WordPress is sending spam emails

  • I am now at wits’ end. I have looked at the wp forums and have seen similar posts to mine, however, they are all closed to comments and occurred on versions of wp prior to v3.

    my host (Netfirms) has shut down my dozen domains due to a spam email being sent from a font.php or license.php hack (usually from the same domain sixsigmaz.com).

    They have suspended my account 3 times in the past 3 days and previous wp posts really helped out: I asked my host to provide me with the email headers and they are not coming from me. I explain this to the abuse/support team and they usually reinstate me quite quickly but this is starting to become a royal pain in the ass.

    My wp install is up to date as all the plugins are and I’ve deleted all unused features. What gives?

    Oddly, I’ve had many domains up for several years, and these “hacking” problems began right after Netfirms was acquired by Godaddy.

    I’ve changed from STRONG password to another STRONG password, and the support team confirms there has been no ftp access to my account in 30 days.

    should I deny access from the .htaccess file for the IP addresses and domain names in the suspect email headers?

    How can I ensure there are no other vulnerabilities? I have several wordpress sites, but the one at sixsigmaz.com seems to be especially vulnerable.

    Thanks for your help,
    Grasshopper

Viewing 3 replies - 1 through 3 (of 3 total)

  • I have had my account suspended a bunch of times as well due to the same spamming issue on my wordpress websites. And I host through netfirms. I’m looking at having my 20+ websites moved to a different host. To say that its been a miserable experience is an understatement.

    Thread Starter jcardinal

    (@jcardinal)

    Thanks for replying cokwara. Have you been able to confirm anything about your WP installs?

    Since I last posted, Netfirms has suspended me 3 more times and keep on telling me to reset my passwords. Also, they tell me to update my WP installs and PHP app and when I continually point out that every thing is current and running the latest and greatest, they apologize for the inconvenience and reactivate my account.

    I’ve had the same sites running for several years now and this only started happening since the Tucows acquisition.

    I’ve been a Netfirms customer since 1998 and was satisfied until 2011 when things went awry with them.

    I also have over a dozen domains and moving them just seems to be a bitch of a problem. I’m concerned that moving them will not fix the problem if there are any vulnerabilities. I just don’t know what to tell Netfirms to do. I increasingly suspect that their security is lax.

    Its funny cos I just got off the phone with netfirms for the same reason. And they keep telling me the same thing you mentioned. Ive been with them for awhile too, and since you mentioned it, this was never a problem until the acquisition. If moving all my sites was as easy as snapping my finger, I would have been long gone. At this rate, it might just be worth the inconvenience. I have other wp sites with inmotionhosting and this has never been an issue. So we might have to bite the bullet and move.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘WordPress is sending spam emails’ is closed to new replies.