Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Reinstall x3 theme

Discussion in 'User Experience' started by HTHP, Jun 27, 2009.

  1. HTHP

    HTHP Registered

    Joined:
    Jun 27, 2009
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    51
    Hi,
    My friend's server was defaced by a script kiddie and he removed all index.* pages from the server and made here own index.html page.
    Now there's no backup at all! I removed all skiddie pages but users can't log into the cpanel because the original index.html in /usr/local/cpanel/base/frontend/x3/index.html is removed.
    I forced reinstallation with # /scripts/upcp --force and still we can't access to cpanel (btw there's no pb with log into WHM).
    Any idea how to reinstall completely cpanel or just reinstall the x3 theme??
    Thanks in advance.
     
    #1 HTHP, Jun 27, 2009
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,160
    Likes Received:
    370
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Forcing a cPanel update should have fixed any theme problems if you are indeed running the default cPanel X3 theme. You should consult with a security professional, ASAP.

    If they defaced an accounts index.html that's one thing, if they got into the server itself and defaced a cPanel theme file (makes no sense really as if they can do that they should be able to do most anything else server wide. Why bother with a theme file no one can see but the user?)

    Was the account a reseller? If yes they might have set a customized/branded theme logged in as the reseller.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 Infopro, Jun 27, 2009
  3. HTHP

    HTHP Registered

    Joined:
    Jun 27, 2009
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    51
    I know how they got into the server... they got a root so they replace every index.* file into / by there index file.
    Now I removed all backdoors and shells, and I fixed all vulnerability in the server and in the php scripts.
    I have the account owner (root) and I need to copy every old index.* file in /usr/local/cpanel/base/frontend/ to fix the x3 theme.
    It will be great if someone compress index files in this directory and upload it somewhere so I can download it and replace the skiddie index files to fix the theme.
    Peace.
     
    #3 HTHP, Jun 28, 2009
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,160
    Likes Received:
    370
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    That's not how it's done though. To repair your cPanel X3 theme you run an update as suggested which refreshes all files on the cPanel side of things. If that's not working for you after doing it, and you're sure your browser cache has been cleaned out first to check it, then you might contact cPanel to take a look. Doing a forced update should fix it.

    They got root access to your server and only changed index files? I wouldn't trust it, personally.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 Infopro, Jun 28, 2009
  5. HTHP

    HTHP Registered

    Joined:
    Jun 27, 2009
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    51
    They only defaced some index pages and installed a rootkit that's why I called them script kiddies..
    I contacted the cpanel support and now it's work after forcing reinstall. It doesn't work for me beause in /etc/cpupdate.conf the CPANEL= line was set to never, that line must be manual-release..
    After doing this, a forced update fix it.
    Thanks Infopro for your time.
    Peace
     
    #5 HTHP, Jun 28, 2009
(You must log in or sign up to post here.)
Loading...
Similar Threads - Reinstall theme
  1. Seyed

    error update yum reinstall lvemanager -y

    Seyed, May 15, 2018, in forum: General Discussion
    Replies:
    5
    Views:
    136
    cPanelMichael
    May 17, 2018
  2. Nirjonadda

    How to reinstall cPanel/WHM?

    Nirjonadda, Aug 28, 2017, in forum: General Discussion
    Replies:
    3
    Views:
    1,494
    cPanelMichael
    Aug 29, 2017
  3. maar3amt

    Reinstall cPanel in Centos 5

    maar3amt, Jun 26, 2017, in forum: Workarounds and Optimization
    Replies:
    5
    Views:
    590
    cPanelMichael
    Jun 27, 2017
  4. bloom360

    SOLVED Reinstall Mod Security

    bloom360, May 30, 2017, in forum: EasyApache
    Replies:
    4
    Views:
    483
    Infopro
    May 30, 2017
  5. Nizzo

    Server compromised. Need WHM backup for server reinstall

    Nizzo, Dec 30, 2016, in forum: Data Protection
    Replies:
    4
    Views:
    834
    Infopro
    Dec 31, 2016

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice