row of servers that are susceptible to server hijacking

I recently had a client come to me because she wasn’t getting emails from her website form. She said the form was not working at all. So I went to the website and tested the form. It worked upon submission – I saw the confirmation notice.

I then logged into the website to check it out, and when I went to the Entries area of Gravity Forms, there was nothing there. Not a single message, including the one I’d just sent.  I use Gravity Forms on nearly every site I build. It’s a solid form plugin and I have never had a problem with it. I use Akismet integration with it so I never have to have a recaptcha, because man, those are annoying.

I happened to notice that her spam folder in the form entries had 76 entries. I clicked over to it, and there was my message. Along with 75 other messages that she hadn’t gotten.


I felt sick. I emailed my client and told her where to look for her messages. Then she felt sick when she saw them. It was a disaster. She hadn’t been getting these messages for months! There were major missed messages that were affecting her business. I was really upset that this had happened.

My client reported that she lost $15,000 in business because she didn’t get those messages. My heart is breaking for for her.

Since I use Gravity Forms with Akismet on every site, I was immediately afraid of finding this on other sites, so I started logging in and checking spam boxes. None of the other ones had this problem. This was exclusive to this one website.

I knew I had to figure out why, so my first check was to see if there was anything fishy going on with her IP. I headed on over to MX Toolbox to do a blacklist check. And there was the problem. Her website IP was flagged on several different blacklists.

Since the messages that come through the website use her IP, and her IP was labeled as spam, Akismet was flagging all the messages submit on her website. So every single message was in the spam folder.

That is a big, big problem. Immediately we shut off the spam filter, because we needed to get the messages to go through, and that was the short term fix. But we also needed a long term fix. We have to get that IP off the spam lists.

There’s a process for getting off spam lists, and if you use the tools at MX Toolbox, you can follow the steps and request removal. Usually it works within a few days, especially if you know how you got on the list and have taken steps to rectify the problem. However, it’s important to find the reason you got on the list in the first place.

The question is – how did her IP get on there?

That is really hard to say. But if you use shared hosting and your IP is on these lists, there’s a good possibility that it’s not even your fault. Neighboring websites who share your server could be hacked or sending spam, causing the problem. And if that’s the case, you can’t even fix it yourself.

If you find yourself on a blacklist, start with contacting your web host. They can look to see if the problem is being generated from your site or another site on the same server and they can take steps to eliminate the problem. A reputable web host will help you get off the lists, and will alert neighboring accounts if they are causing a problem.

What should I do to prevent this?

Prevention is good, but it’s not always possible if you are on a shared host and you didn’t cause the problem. Of course, keep your software and plugins up to date, use strong passwords everywhere, but I recommend setting up an alert at MX Toolbox. It’s free, and it’ll scan for your IP regularly and send you an alert if it shows up on any blacklists so you can deal with it immediately.

Also, set up Google webmaster tools for your site if you haven’t already. (If you are one of my clients, I have most likely done this for you.) If your site gets hacked, often times Google will pick it up and alert you before your site gets blacklisted.

One more option, sign up for Sucuri. They’ll keep your site monitored at all times, alerting you if there’s a problem.

Finally, my favorite option, use Mandrill. Mandrill is a transactional email delivery platform from the people at MailChimp. You can integrate it with your website so that all messages are being sent through the Mandrill server. It’s an excellent service and it works great. (It used to be free, but now it’s $9.99 per month for the first 25K emails delivered each month.) If you are worried about losing messages, it’s a good solution.

Posted in | Tagged with , ,
Amy Masson, Web Developer

Amy Masson

Amy is the co-owner, developer, and website strategist for Sumy Designs. She's been making websites with WordPress since 2006 and is passionate about making sure websites are as functional as they are beautiful.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.