I sure hope someone here can help me. I had pmachine pro installed on my personal website and my host terminated my account because he told me that someone had hacked the pm files on my website and was using it to send out MASSIVE amounts of spam. We are talking in the hundreds of thousands here. Anyway, I have saved every bit of “proof” that he sent to me, but he is telling me that they hacked this file here - “/public_html/pm/add_ons/mail_this_entry”

I have absolutely NO idea what any of this means, but my host is now holding ME responsible for this massive spam attack, which I DID NOT do! He told me that its my fault that I installed a unsecure script….is this true? Can pmachine be “hacked” like this to send out all these spam emails? I really love pmachine, but am scared to ever touch it again just because I cannot afford to pay for anymore damages that it is causing me.

Thanks for any help you can offer
Michelle

I’ve never heard of it being hacked but I’ll let the staff kick in as they would know for sure. But, I have heard of other PHP scripts being hacked that reside on the same server and potentially causing a problem all around. Are you running any other php scripts (phpBB, etc)?

nope, no other scripts, just pmachine.

I’m not enough of a server geek to help so will have to let the pros help you get to the bottom of it.

Is anyone around here that can help me with my above post? I really want to use pmachine, but am scared of this happening to me again….maybe I should just upgrade to EE? But, I don’t want to pay for EE and have the same problem happen to me again that did with pmachine. Has anyone here had a problem like this before and if so, what do I do to fix it?

Thanks so much!
KCWebDesigner

Hey, Michelle. Try the core version of EE first. You can use that on your personal blogging site.

Also - keep in context who your host is.

Hey there Sue! Ok, I will install the core EE this weekend and see if that will work for me. btw, I am no longer with THAT host….lol.

Michelle

The same thing just happened to me. I hate spammers.

Does this vulnerability exist in EE? If not, it sounds like time for me to upgrade too.

Robert, no it doesn’t. It’s time for an upgrade anyhow. pMachine PRO is no longer being updated or supported.