MRatWork Forum by Mustafa Ramadhan

Sawo Project - Kloxo-MR Discussions => Kloxo-MR Technical Helps => Topic started by: webhost2000 on 2014-02-10, 17:16:27

Title: Suspected Malicious Activity --Malware-DDoS
Post by: webhost2000 on 2014-02-10, 17:16:27

I received a email from my VPS provider about ' Suspected Malicious Activity Malware-DDoS'

My server is centOS 5 + Kloxo-MR

Originating URLs of Malicious Activity

Malicious content:
ip address/file.php


How to check and find the problem

Title: Re: Suspected Malicious Activity --Malware-DDoS
Post by: MRatWork on 2014-02-10, 18:05:07

See 'rkhunter log' in 'log manager' in panel.

Find out plugins in your applications (like plugins in wordpress) also.

Title: Re: Suspected Malicious Activity --Malware-DDoS
Post by: MRatWork on 2014-02-10, 18:06:49

Read http://forum.joomla.org/viewtopic.php?f=432&t=795470 for reference.

Title: Re: Suspected Malicious Activity --Malware-DDoS
Post by: henry on 2014-02-11, 02:26:44

Thank you for sharing as well the replied.
I have followed MR instructions and my file is clean.

That means all my current WordPress plugins are safe to use.
If I installed new WordPress plugins which incurred problems, I will know  :)

Have a great day!
Cheers!

Title: Re: Suspected Malicious Activity --Malware-DDoS
Post by: MRatWork on 2014-02-11, 02:51:36

Install Wordfence in Wordpress.

Title: Re: Suspected Malicious Activity --Malware-DDoS
Post by: henry on 2014-02-11, 04:18:29

Quote from: MRatWork on 2014-02-11, 02:51:36

Install Wordfence in Wordpress.

Yes, I did install wordfence, bulletproof security as well ip blacklist.