Notified of compromised account: Where to go from here

mobcdi · Jun 12, 2012

A wordpress site on 1 of my hosts running WHM 11.32.3 build 19 was listed as a phishing website. I've disabled the account but I was hoping for advise on where to go from here to try and find as much detail as possible as to how the site was compromised and how to improve my security to stop it happening in the future as I have other wordpress sites.

The site admin of the compromised site can be considered awol

PlotHost · Jun 12, 2012

I suppose you had a vulnerable wp plugin.
See these security tips : Hardening WordPress « WordPress Codex

mobcdi · Jun 12, 2012

Thanks I'll review its suggestions.

Is there anything I can do via WHM to try find how the problem occured and if other accounts might to open to a similar fate?
Is there a best practice guide for these situations?

mobcdi · Jun 14, 2012

Working my way through Recommended Security Settings

Forums

The Community Forums

Interact with an entire community of cPanel & WHM users!

Notified of compromised account: Where to go from here

mobcdi Well-Known Member

PlotHost Well-Known Member

mobcdi Well-Known Member

mobcdi Well-Known Member

Compromised Server Questions

Server compromised

Account Compromised

Locate Compromised Site on Server

Server compromised. Need WHM backup for server reinstall

Share This Page

Useful Searches

The Community Forums

Interact with an entire community of cPanel & WHM users!

Notified of compromised account: Where to go from here

mobcdi Well-Known Member

PlotHost Well-Known Member

mobcdi Well-Known Member

mobcdi Well-Known Member

Compromised Server Questions

Server compromised

Account Compromised

Locate Compromised Site on Server

Server compromised. Need WHM backup for server reinstall

Share This Page