The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Replace index pages

Discussion in 'Security' started by compunet2, Apr 22, 2010.

  1. compunet2

    compunet2 Well-Known Member

    Joined:
    Feb 21, 2003
    Messages:
    310
    Likes Received:
    0
    Trophy Points:
    16
    I'm recovering from a hack, which also got my backups. I need to be able to replace all the index*.* files with a blank index file owned by the owner. How can I do this?
     
  2. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    If you have not re-setup the accounts yet, you can put your own index file in the skeleton template for cpanel.

    If you have setup the accounts, you have the option of either copying in a new index page or setting up a .htaccess redirect (preferred) for each account.

    You said "got your backups" too --- are you sure?

    Don't think you can recover at all?

    Can the data from the backups (assuming you got something) be used to repair the damage to the hosting accounts?

    Depending on the particular hack involved and if files were overwritten or just modified with inserted code, have you run any filters to removed the hacked / inserted information from the user's files?

    Depending on exactly was done you actually be in far better shape than you thought or on the flipside of that, possible worse. You have not given much information but I'm guessing some kind of I-Frame / index rewrite type of attack probably initially through FTP in the first wave but then again I've only got about 3 words from your post above.

    Incidentally, hacking recovery and security hardening along with cpanel account reconstruction is precisely what I do and is where most of my time is spent most days of the week -- point in fact, if you tell me a little bit more about what is going on exactly, I may be able to help you ;)
     
  3. compunet2

    compunet2 Well-Known Member

    Joined:
    Feb 21, 2003
    Messages:
    310
    Likes Received:
    0
    Trophy Points:
    16
    I was hit by a defacer, all index*, main*, home* & default* files on the server were changed to say "this Site Has Been Hacked By DARK". I've formatted and reloaded the OS / cPanel, however now I'm in a pickle. My backups were set to incremental, so they weren't creating .tar's. Therefore, all the index files on /backup were changed too. So before I restore the accounts, I want to be able to replace all the index*.* on /backup/cpbackup/weekly to a blank index file.

    I found a copy of the perl script that did it, but I'm pretty sure its going to change all the index files on the server (which I don't want, I only want to do the backup), and I don't know how to make it only do the one folder. For security reasons, I won't post the perl script here.
     
  4. llyod

    llyod Registered

    Joined:
    Apr 21, 2010
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    hi, You could perform a 301 redirect from your old page to the new page, however I don't think that is the best option here.The best option would be to ask your host to add 'home.php' to the list of "DirectoryIndex" files for your domain.You could also do this yourself via a .htaccess. You would add the following line to your .htaccess file if you already have one:DirectoryIndex home.php
    You can also include other default file names you commonly use:
    DirectoryIndex index.php home.php index.html.

    <<LINK REDACTED BY MODERATOR>>
     
    #4 llyod, Apr 23, 2010
    Last edited by a moderator: Apr 23, 2010
Loading...

Share This Page