shayanboy
06-03-2014, 07:09 AM
با سلام یک مشکل عجیب برای سایت من پیش آمده که گفتم اینجا مطرح کنم تا بتونم به کمک شما حلش کنم !
تا کنون 2 بار سایت من اسپم شده و توسط هاست مسدود شد.
طی پیگیری که با هاست داشتیم اسکن زیر را اعلام کردند
دوستان این خطاها برای چیه ؟ یکی به من میدونه بگه چی کار باید بکنم ؟ تا سایت اسپم نکنه
----------- SCAN REPORT -----------
TimeStamp: Tue Jun 3 10:18:41 2014
(/usr/sbin/cxs --nobayes --clamdsock /var/clamd --deep --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 10000 --options mMOLfSGchexdnwZDRu --qoptions Mv --sizemax 500000 --summary --sversionscan --timemax 30 --virusscan ./)
Scanning /home/iranspor/public_html:
# Script version check [OLD] [Joomla Akeeba Ext v3.9.2 < v3.10.1]:
'/home/iranspor/public_html/administrator/components/com_akeeba/akeeba.xml'
# Regular expression match = [symlink\s*\(]:
'/home/iranspor/public_html/administrator/components/com_akeeba/akeeba/engines/archiver/jpa.php'
# Regular expression match = [symlink\s*\(]:
'/home/iranspor/public_html/administrator/components/com_akeeba/akeeba/engines/archiver/zip.php'
# Regular expression match = [symlink\s*\(]:
'/home/iranspor/public_html/administrator/components/com_joomlaupdate/restore.php'
# Regular expression match = [symlink\s*\(]:
'/home/iranspor/public_html/administrator/components/com_k2/lib/elfinder/elFinderVolumeDriver.class.php'
# Regular expression match = [symlink\s*\(]:
'/home/iranspor/public_html/administrator/components/com_k2/lib/elfinder/elFinderVolumeLocalFileSystem.class.php'
# World writeable directory:
'/home/iranspor/public_html/administrator/components/com_k2/views'
# World writeable directory:
'/home/iranspor/public_html/administrator/components/com_p30trace/views'
# Script version check [OLD] [Joomla Phoca Gallery Ext v3.2.1 < v4.0.2]:
'/home/iranspor/public_html/administrator/components/com_phocagallery/phocagallery.xml'
# Regular expression match = [r57shell]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.nonutf8.sql'
# Regular expression match = [c99shell]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.nonutf8.sql'
# Regular expression match = [r57shell]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.nonutf8.sql'
# Regular expression match = [phpRemoteView]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.nonutf8.sql'
# Regular expression match = [r57shell]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.utf8.sql'
# Regular expression match = [c99shell]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.utf8.sql'
# Regular expression match = [r57shell]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.utf8.sql'
# Regular expression match = [phpRemoteView]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.utf8.sql'
# Regular expression match = [decode regex: 1]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/models/checkrun.php'
# Regular expression match = [decode regex: 1]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/models/fix.php'
# World writeable directory:
'/home/iranspor/public_html/administrator/components/com_rsform/assets/codemirror/mode'
# Suspicious file type [application/x-c]:
'/home/iranspor/public_html/administrator/components/com_rsform/assets/codemirror/mode/clike/index.html'
# World writeable directory:
'/home/iranspor/public_html/components/com_k2/images'
# World writeable directory:
'/home/iranspor/public_html/components/com_k2/views'
# World writeable directory:
'/home/iranspor/public_html/components/com_p30trace/views'
# (compressed file: plupload.silverlight.dll [depth: 1]) MS Windows Binary/Executable [application/x-winexec]:
'/home/iranspor/public_html/components/com_phocagallery/assets/plupload/plupload.silverlight.xap'
# World writeable directory:
'/home/iranspor/public_html/components/com_rsfirewall/assets'
# World writeable directory:
'/home/iranspor/public_html/media/k2'
# World writeable directory:
'/home/iranspor/public_html/media/k2/assets'
# World writeable directory:
'/home/iranspor/public_html/media/k2/assets/images'
# World writeable directory:
'/home/iranspor/public_html/modules/mod_k2_content/tmpl'
# World writeable directory:
'/home/iranspor/public_html/modules/mod_k2_users/tmpl'
# World writeable directory:
'/home/iranspor/public_html/plugins/josetta_ext'
# Script version check [OLD] [Joomla Modules Anywhere Ext v3.2.3FREE < v3.4.3]:
'/home/iranspor/public_html/plugins/system/modulesanywhere/modulesanywhere.xml'
# World writeable directory:
'/home/iranspor/public_html/templates/vt_farm/html/com_k2'
----------- SCAN SUMMARY -----------
Scanned directories: 1997
Scanned files: 11149
Ignored items: 6
Suspicious matches: 34
Viruses found: 0
Fingerprint matches: 0
Data scanned: 122.04 MB
Scan time/item: 0.015 sec
Scan time: 199.050 sec
تا کنون 2 بار سایت من اسپم شده و توسط هاست مسدود شد.
طی پیگیری که با هاست داشتیم اسکن زیر را اعلام کردند
دوستان این خطاها برای چیه ؟ یکی به من میدونه بگه چی کار باید بکنم ؟ تا سایت اسپم نکنه
----------- SCAN REPORT -----------
TimeStamp: Tue Jun 3 10:18:41 2014
(/usr/sbin/cxs --nobayes --clamdsock /var/clamd --deep --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 10000 --options mMOLfSGchexdnwZDRu --qoptions Mv --sizemax 500000 --summary --sversionscan --timemax 30 --virusscan ./)
Scanning /home/iranspor/public_html:
# Script version check [OLD] [Joomla Akeeba Ext v3.9.2 < v3.10.1]:
'/home/iranspor/public_html/administrator/components/com_akeeba/akeeba.xml'
# Regular expression match = [symlink\s*\(]:
'/home/iranspor/public_html/administrator/components/com_akeeba/akeeba/engines/archiver/jpa.php'
# Regular expression match = [symlink\s*\(]:
'/home/iranspor/public_html/administrator/components/com_akeeba/akeeba/engines/archiver/zip.php'
# Regular expression match = [symlink\s*\(]:
'/home/iranspor/public_html/administrator/components/com_joomlaupdate/restore.php'
# Regular expression match = [symlink\s*\(]:
'/home/iranspor/public_html/administrator/components/com_k2/lib/elfinder/elFinderVolumeDriver.class.php'
# Regular expression match = [symlink\s*\(]:
'/home/iranspor/public_html/administrator/components/com_k2/lib/elfinder/elFinderVolumeLocalFileSystem.class.php'
# World writeable directory:
'/home/iranspor/public_html/administrator/components/com_k2/views'
# World writeable directory:
'/home/iranspor/public_html/administrator/components/com_p30trace/views'
# Script version check [OLD] [Joomla Phoca Gallery Ext v3.2.1 < v4.0.2]:
'/home/iranspor/public_html/administrator/components/com_phocagallery/phocagallery.xml'
# Regular expression match = [r57shell]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.nonutf8.sql'
# Regular expression match = [c99shell]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.nonutf8.sql'
# Regular expression match = [r57shell]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.nonutf8.sql'
# Regular expression match = [phpRemoteView]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.nonutf8.sql'
# Regular expression match = [r57shell]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.utf8.sql'
# Regular expression match = [c99shell]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.utf8.sql'
# Regular expression match = [r57shell]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.utf8.sql'
# Regular expression match = [phpRemoteView]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/install.mysql.utf8.sql'
# Regular expression match = [decode regex: 1]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/models/checkrun.php'
# Regular expression match = [decode regex: 1]:
'/home/iranspor/public_html/administrator/components/com_rsfirewall/models/fix.php'
# World writeable directory:
'/home/iranspor/public_html/administrator/components/com_rsform/assets/codemirror/mode'
# Suspicious file type [application/x-c]:
'/home/iranspor/public_html/administrator/components/com_rsform/assets/codemirror/mode/clike/index.html'
# World writeable directory:
'/home/iranspor/public_html/components/com_k2/images'
# World writeable directory:
'/home/iranspor/public_html/components/com_k2/views'
# World writeable directory:
'/home/iranspor/public_html/components/com_p30trace/views'
# (compressed file: plupload.silverlight.dll [depth: 1]) MS Windows Binary/Executable [application/x-winexec]:
'/home/iranspor/public_html/components/com_phocagallery/assets/plupload/plupload.silverlight.xap'
# World writeable directory:
'/home/iranspor/public_html/components/com_rsfirewall/assets'
# World writeable directory:
'/home/iranspor/public_html/media/k2'
# World writeable directory:
'/home/iranspor/public_html/media/k2/assets'
# World writeable directory:
'/home/iranspor/public_html/media/k2/assets/images'
# World writeable directory:
'/home/iranspor/public_html/modules/mod_k2_content/tmpl'
# World writeable directory:
'/home/iranspor/public_html/modules/mod_k2_users/tmpl'
# World writeable directory:
'/home/iranspor/public_html/plugins/josetta_ext'
# Script version check [OLD] [Joomla Modules Anywhere Ext v3.2.3FREE < v3.4.3]:
'/home/iranspor/public_html/plugins/system/modulesanywhere/modulesanywhere.xml'
# World writeable directory:
'/home/iranspor/public_html/templates/vt_farm/html/com_k2'
----------- SCAN SUMMARY -----------
Scanned directories: 1997
Scanned files: 11149
Ignored items: 6
Suspicious matches: 34
Viruses found: 0
Fingerprint matches: 0
Data scanned: 122.04 MB
Scan time/item: 0.015 sec
Scan time: 199.050 sec