Reproski
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
Thank you for your help, I will tell you that everything that is happening is not my fault, probably through that page they managed to gain access to the server where my website was hosted and from there they began to send emails and spam
53 replies
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
53 replies
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
And Casino shit
53 replies
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
When I log out of the domain management page and so on, it takes me to a rather strange page full of garbage written in Indonesian.
53 replies
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
At this point I honestly think I entered a battle that was already lost, probably the server was about to be hacked and just as I arrived I had to carry the dead man.
53 replies
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
It is a purely presentation page, nothing complex, no purchases or anything.
53 replies
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
It's a very old-fashioned company, they haven't modernized at all, the company is literally in trouble because they can't answer emails.
I made the page purely in Boostrap and a bit of JS
53 replies
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
And that's what I'm doing now
53 replies
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
In the end I decided to tell the company to migrate the domain to another provider and try to see if that fixes the problem.
53 replies
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
Literally it is a guy with a server at home hosting pages on the internet, maximum it will be a team of 3 people
53 replies
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
Interestingly, this issue only affects some email accounts, not all of them. After doing some research, I found out it could be related to DNS settings.
Upon reviewing the Email Delivery options, I see there is an error in Reverse DNS (PTR), which states:
“To resolve this issue, please contact your system administrator and request that they replace all PTR records for “xxx.xxx.xxx.xxx.in-addr.arpa” with the following record at 'ns1.unifiedlayer.com' and 'ns2.unifiedlayer.com'.”
I contacted Alex to request this change that cPanel itself recommends, and he responded rather rudely, stating that the hosting server is working fine and that the problem is a “security” issue.
Additionally, I would like to clarify that this problem has been occurring since last Friday, as I mentioned earlier. However, the change made in the WebMail was this:
“The Horde webmail application has been removed in cPanel & WHM version 108. All Horde email, contacts, and calendars will be automatically migrated to Roundcube. For more information, read our cPanel Deprecation Plan documentation.”
Since I’m still relatively new to managing hosting and DNS configurations, I would really appreciate any advice or guidance from the community to resolve this issue.
53 replies
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
Let me finish telling you the rest of the story, sorry if it's too long.
53 replies
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
The customer support of this garbage hosting provider is terrible, they don't solve anything for me, they question and criticize me instead of helping me, that's why I turn to the community
53 replies
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
When I submit the IP of the page I get this message from UCEPROTECT
IP Information Your IP XXX.XXX.XXX.XXX is part of AS 46606 UNIFIEDLAYER-AS-1, US and networks 162.240.0.0/15 162.241.148.0/24 The reverse DNS (PTR) exists and claims to be: XXX-XXX-XXX-XXX.unifiedlayer.com WARNING: There is no A record matching your reverse DNS.
The DNS is INCONSISTENT.
Please ask your administrator or provider to fix this problem.
This IP is NOT registered at ips.whitelisted.org. You can find more information about whitelisted.org here.
53 replies
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
I literally send a test, hello how are you, something like that and it also gives me the error
53 replies
KPCKevin Powell - Community
•Created by Reproski on 9/23/2024 in #back-end
Issues with Emails After Possible Domain Hack
The page is on two blacklists out of 72, I previously removed it from another one but I have not done so on those two, they are:
UCEPROTECTL2
UCEPROTECTL3
53 replies