Which php script is spamming?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • emin
    Junior Member
    Forum Explorer
    • Mar 2021
    • 29

    #1

    Which php script is spamming?

    I can see that one specific user is trying to send a lot of spam mail. And I can see that a lsphp process of that user is using a lot of cpu. How do I figure out which php script is being executed?

    htop only shows "lsphp", not which script its executing.
  • ighertesco
    Senior Member
    • Nov 2016
    • 184

    #2
    Hello,

    While running "top", you can press "c" key, this will show the full command line for the process.

    Comment

    • emin
      Junior Member
      Forum Explorer
      • Mar 2021
      • 29

      #3
      Hmm. You are right. It actually shows the full script path with "top".
      Is there a way to get it to work with "htop"?

      Comment

      • emin
        Junior Member
        Forum Explorer
        • Mar 2021
        • 29

        #4
        It actually does seem to work with htop as well. I dont know why I didnt see it before.

        Is there a better way to find spam sending scripts?
        Imunify360 Malware scanner doesnt seem to catch it.

        Comment

        • ighertesco
          Senior Member
          • Nov 2016
          • 184

          #5
          There is no exact instruction, but you can refer, for example, to this article: http://www.inmotionhosting.com/suppo...tion-with-exim

          Imunify360 should handle such situations as well, so if it does not, please submit a ticket to https://cloudlinux.zendesk.com, we will check it

          Comment

          Working...