• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Issue Suspect server compromised

P

PatrickSG

New Pleskian
I have a Windows Server running Plesk 12 with MailEnable, I suspect my server is being compromised as it is sending out spam and the log shows that the spams are from 127.0.0.1.

I run a virus scan and it found no virus.

Is there a way to trace and find out the issues?

I have changed the Windows server administrator password, I notice there are some accounts created by Plesk (IME_ADMIN, IMS_USER, Plesk Administrator), can i reset the password for those accounts as well? So that I can eliminate the possibilities of those accounts being compromised?

Thanks.

Patrick
 
You must log in or register to reply here.

Similar threads

S
Question Emails being deleted by DMARC
Replies
5
Views
261
JVG
J
G
Issue Database Malware or False Positive?
Replies
2
Views
460
Gene Steinberg
G
L
Issue Reset admin PW not possible because of server cloning
Replies
0
Views
214
LordReaper
L
Cordal
Resolved stop sending spam
Replies
12
Views
1K
Robert Alexander
R
M
Question mailenable - smtp spam
Replies
1
Views
498
Peter Debik
P
Back
Top