HOW CAN WE HELP YOU TODAY?

1
Knowledgebase: Announcements
Security enhancement in Linux hosting servers
Posted by Team Bigrock on 06 March 2016 04:22 PM

UPDATE : 14-03-2016 | 06:00 PM IST

The IP blacklist issue has been resolved and we have unblocked the outgoing ports 587 and 465 across our servers.

We have identified that there are malicious files present under the hosting packages, which makes websites vulnerable. This vulnerability is further exploited and spammers are using those infected files/themes/plugins to send spam mails via ports 587 and 465. To prevent this, we have added new signatures to our scans and we will be blocking ports 587 and 465 as well, if there are any malicious files identified in your directory.

If your port is blocked due to infected files, please remove and upload fresh copies of the files and open the port using the port80 plugin available in cPanel. You can refer the following link for details :

----
http://manage.bigrock.com/kb/answer/2411
----

Please feel free to contact our Support Team in case you have any queries. Appreciate your co-operation.

----------------------------------------------------------------------------------------------------------------------

UPDATE : 07-03-2016 | 03:30 PM IST

We are seeing a lot of malicious/unauthorized mails being sent from ports 587 and 465. This is also impacting our IP reputation and causing a delay in getting our ips whitelisted.


In order to tackle this, we are blocking all outgoing connections to port 587 and 465 on all our linux shared hosting servers. You will have to use "localhost" for sending emails.


NOTE: This is just a temporary measure till our IP reputation improves.


Please watch this thread for further updates.

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Please be notified that currently we have enabled spam filtering tool on our Linux servers and if any of your email account or scripts due to this you involved in sending spam emails you will receive an automated mail stating that your account is involved in spamming.

If you receive any such mail, please do the following steps immediately

-----
* Reset the passwords for email accounts with more complex and secure passwords.
* If a CMS (Wordpress,Joomla etc.) is involved, please check for vulnerable plugins and upgrade the plugins/CMSs as soon as possible.
* Refrain from sending emails via scripts and mass mailing via scripts.
* If a mail client is being used to send/receive emails (Outlook, Thunderbird etc), please scan the entire PC where the email account is setup. The PC may be infected with malware operated by spambots.
*Scan your home directory using cPanel antivirus plugin
-----

Note that spamming activities are strictly against our Acceptable Usage Policy. This could also cause our IP address to get blacklisted at our upstream service provider end, thus affecting other services done via this IP.

After all steps taken contact support to get the account activated.