To stop Spam:
drop SMTP on port 25, 465 and 587 to prevent further spam from being sent out by running the following commands:
# /sbin/iptables -A INPUT -p tcp --dport 25 -j DROP # /sbin/iptables -A OUTPUT -p tcp --dport 25 -j DROP # /sbin/iptables -A INPUT -p tcp --dport 465 -j DROP # /sbin/iptables -A OUTPUT -p tcp --dport 465 -j DROP # /sbin/iptables -A INPUT -p tcp --dport 587 -j DROP # /sbin/iptables -A OUTPUT -p tcp --dport 587 -j DROP
Restart:
# service iptables restart
Block an IP accessing the site:
# iptables -A INPUT -s 80.35.xx.xxx -j DROP
Restart:
# service iptables restart
After that – check the cpnael access logs for the domain and see that there is a 403 Error:
# tail -f /usr/local/apache/domlogs/gamedayboston.com 80.82.xx.xx - - [07/Oct/2014:17:13:46 -0400] "POST /xmlrpc.php HTTP/1.0" 403 - "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" 80.82.xx.xx - - [07/Oct/2014:17:13:46 -0400] "POST /xmlrpc.php HTTP/1.0" 403 - "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" 80.82.xx.xx - - [07/Oct/2014:17:13:46 -0400] "POST /xmlrpc.php HTTP/1.0" 403 - "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"