求助：空间被封了

pytom

收到一个GD的邮件，空间被封了，内容如下

Dear Sir/Madam,


Regarding your hosting account 163dhc.info:


The  163dhc.info web site has been suspended for violating section 3 "Your Obligations" of Go Daddy's Web Site and Virtual Dedicated Server Service Agreement.

The relevant passage of this agreement has been provided below:



"You may not use Go Daddy's servers and Your web site as a source, intermediary, reply to address, or destination address for mail bombs, Internet packet flooding, packet corruption, denial of service, or other abusive activities. Server hacking or other perpetration of security breaches is prohibited and Go Daddy reserves the right to remove sites containing information about hacking or links to such information."
Go Daddy's "Web Site and Virtual Dedicated Server Service Agreement" is located at the following URL: https://www.godaddy.com/agreements/showdoc.aspx?pageid=HOSTING_SA

Your web site was found to have been compromised.

This situation has resulted in a potential security threat to Go Daddy's network and the security we provide to other customers.

It appears that this abusive action may have been the result of your server becoming compromised and ultimately exploited by a third party. Upon detection of this problem Go Daddy's Security Operations Center requested that Go Daddy's Advanced Hosting Team alert you of this action in the hope that you can resolve the issue. As we did not receive a response from you regarding these contact attempts, suspending your services was the only available option to protect our network and our other customers.

Go Daddy's security team has collected the following information to assist you in troubleshooting this issue:


Your site uses DedeCMS which has a known vulnerability. An attacker created an account, uploaded an article with malicious code which created a backdoor shell, and began conducting attacks on external sites using our server as early as 01APR2011. We have removed the malicious files that were found. Please update all web applications and passwords as needed to prevent further exploitation.


Your web site can be reactivated immediately by simply responding to this notice with the following:

1. A statement that you have reviewed and agree to abide by the terms of the "Web Site and Virtual Dedicated Server Service Agreement," and

2. A statement that you have removed any malicious content residing on your web site, and

3. A statement that you agree to secure your web site in such a way as to ensure that there is not a re-occurrence of this issue in the future.

After we receive your reply with these statements we will reactivate your web site. (We reserve the right to suspend the site again if a repeat occurrence of this security violation is discovered.)

是什么问题？谢谢各位

lwbo1987

楼主你使用的是DEDECMS吧，godaddy说你的网站被攻击了，可能会影响其他的主机，所以暂停了你的主机，需要你解决问题

pytom

谢谢版主，那怎么解决？

lwbo1987

找到攻击的代码，删除了，然后在联系godaddy客服

pytom

关键是现是FTP进不了，GD的管理也不进了，那怎么改

pytom

在线求解决办法

lwbo1987

只能联系客服解决了