My vps is hacked and is being used to send spam!


#1

So my host suspended my vps cause it detected it was sending spam. How can I clean the vps and stop sending spam? I don’t see my theme files being modified. I don’t even know how they even get access to the mail server when I don’t use any mail tools


#2

If your provider unsuspended you:

  1. Change your SSH password
  2. Disable SSH password, use private key instead
  3. Remove postfix or exim4 from your vps
  4. Make sure no any program listen on port 25 by typing sudo netstat --tupln

or if you’re paranoid, better reinstall your OS and rebuild EasyEngine from the beginning


#3

Does easyengine install postfix or exim4 on default? if I removed both of those will wordpress still able to send emails?


#4