07-30-2019, 04:56 AM
I've just checked up with Google and this is what a "spamvertized website" means:
So an awesome irony occurred. On the very same day when I posted a review of Contabo Contabo received a complaint about my VPS IP being complicit in a spamvertised website. Since I hadn't looked at my e-mails in my VPS Account for a while, I only learned about the problem yesterday morning. Contabo received a complaint about a "spamvertized website" linked to my VPS IP on 10 July. When I didn't respond within 36 hours they suspended my VPS with a notification that re-connection would cost me US$30. So of course I complained heavily to Contabo yesterday. I then wrote to them and asked whether they'd checked my VPS for any abnormalities before they suspended the VPS and they said "yes" they had, but now there was nothing on the VPS - I must have fixed it or had software on the VPS that took care of the problem. So how could I have fixed it if the VPS was suspended? Anyway, I was grateful I didn't have to pay the 30 US$, they unsuspended the VPS, but since the blog doesn't really mean anything to me, I reinstalled the OS immediately, and powered down the VPS as I'd like to get a better understanding of what had happened first.
I personally think it was a false positive, but it would be great to hear if this has happened to any other member at post4vps before? At the time of this happening I had only one very small static blog on the VPS. With no users connected with it, no comments enabled, no e-mails, no traffic. A very small blog with my own personal experiences about Contabo. I have WordFence Security Plugin on it - and I'm sure WordPress users know how fast WordFence is with picking up on irregularities. There had been no notifications from WordFence. There is also no e-mail server on the VPS. No automatic scripts running.
Only thing that did happen on 9th of July (the day before the complaint) that could have caused something to happen was I updated the following themes and plugins of WordPress. And on the 10th of July I did a Benchmark test of the VPS using @"Hidden Refuge" Benchmark Script. Here is a record of the script, plugins and themes that were updated. Note they are all very straight up and down strictly WordPress products - and they were not actively used - only Wordfence and WP Classic Editor - the other plugins were "inherited" when I copied the Website:
1. The WordPress Script to 5.2.2
2. Plugin: WP Classic Editor
3. Plugin: Contact Form 7
4. Plugin: Duplicator
5. Plugin: Limit Login Attempts Reloaded
6. Plugin: Responsive WordPress Slider (note it's not being used with the WordPress blog)
7. Plugin: WordFence Security
8. Themes: Twenty Thirteen, Fifteen, Sixteen, Seventeen, Nineteen
The following themes and plugins were actively used in the blog:
1. WordPress Script 5.2.2
2. WEN-Associate Theme
3. All-in-one WP Migration Plugin
4. All-in-one WP Migration Extension Plugin
5. WordFence
6. Limit Login Attempts Reloaded
7. WordPress Classic Editor
I had VestaCP loaded on the VPS without FTP or E-mail Server.
I had changed the Port Number in April. When I first took occupation of the VPS in April I noticed a very abnormal number of failed login attempts, like larger than I'd ever experienced before. It completely stopped when I changed the port number.
Quote:A site being “spamvertized” means that the site is being included as a link in spam emails. The most common reason your site appears in spam emails when you’re not the spammer is because your site has been hacked by someone.https://www.wordfence.com/blog/2014/05/w...-about-it/
The hacker places a small piece of code somewhere on your site that redirects a user to a different site. They do this because including their own website in emails they send will immediately flag spam detectors. Their site is already a known-bad-site. So they’d rather spamvertize your site to try and get more emails through spam filters.
This works for a while until your website is also associated with spam and they have to move on to another “clean” website that they can spamvertize and that will redirect to their own site.
So an awesome irony occurred. On the very same day when I posted a review of Contabo Contabo received a complaint about my VPS IP being complicit in a spamvertised website. Since I hadn't looked at my e-mails in my VPS Account for a while, I only learned about the problem yesterday morning. Contabo received a complaint about a "spamvertized website" linked to my VPS IP on 10 July. When I didn't respond within 36 hours they suspended my VPS with a notification that re-connection would cost me US$30. So of course I complained heavily to Contabo yesterday. I then wrote to them and asked whether they'd checked my VPS for any abnormalities before they suspended the VPS and they said "yes" they had, but now there was nothing on the VPS - I must have fixed it or had software on the VPS that took care of the problem. So how could I have fixed it if the VPS was suspended? Anyway, I was grateful I didn't have to pay the 30 US$, they unsuspended the VPS, but since the blog doesn't really mean anything to me, I reinstalled the OS immediately, and powered down the VPS as I'd like to get a better understanding of what had happened first.
I personally think it was a false positive, but it would be great to hear if this has happened to any other member at post4vps before? At the time of this happening I had only one very small static blog on the VPS. With no users connected with it, no comments enabled, no e-mails, no traffic. A very small blog with my own personal experiences about Contabo. I have WordFence Security Plugin on it - and I'm sure WordPress users know how fast WordFence is with picking up on irregularities. There had been no notifications from WordFence. There is also no e-mail server on the VPS. No automatic scripts running.
Only thing that did happen on 9th of July (the day before the complaint) that could have caused something to happen was I updated the following themes and plugins of WordPress. And on the 10th of July I did a Benchmark test of the VPS using @"Hidden Refuge" Benchmark Script. Here is a record of the script, plugins and themes that were updated. Note they are all very straight up and down strictly WordPress products - and they were not actively used - only Wordfence and WP Classic Editor - the other plugins were "inherited" when I copied the Website:
1. The WordPress Script to 5.2.2
2. Plugin: WP Classic Editor
3. Plugin: Contact Form 7
4. Plugin: Duplicator
5. Plugin: Limit Login Attempts Reloaded
6. Plugin: Responsive WordPress Slider (note it's not being used with the WordPress blog)
7. Plugin: WordFence Security
8. Themes: Twenty Thirteen, Fifteen, Sixteen, Seventeen, Nineteen
The following themes and plugins were actively used in the blog:
1. WordPress Script 5.2.2
2. WEN-Associate Theme
3. All-in-one WP Migration Plugin
4. All-in-one WP Migration Extension Plugin
5. WordFence
6. Limit Login Attempts Reloaded
7. WordPress Classic Editor
I had VestaCP loaded on the VPS without FTP or E-mail Server.
I had changed the Port Number in April. When I first took occupation of the VPS in April I noticed a very abnormal number of failed login attempts, like larger than I'd ever experienced before. It completely stopped when I changed the port number.