The custom search module was injected twice on a Drupal 7 site I support. They put a file called .login.php into ./sites/all/modules/custom_search/modules/custom_search_taxonomy/

The site sends multiple email spam and gets blocked by the provider.

Please can somebody have a look into this?

Comments

Alex2.0 created an issue. See original summary.

akalata’s picture

akalata CreditAttribution: akalata commented
Category: Bug report » Support request
Priority: Critical » Normal
Status: Active » Closed (works as designed)

That can happen with any module. You'll need to work with your hosting provider to make sure that your file permissions and other security settings are where they should be.