Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Server Hacked :( Script to replace index file from backup

Discussion in 'General Discussion' started by crazyaboutlinux, Apr 26, 2011.

  1. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    941
    Likes Received:
    0
    Trophy Points:
    66
    Hi,

    Recently our server got hacked, I checked logs but logs are rotated already so i can not find out how did they got it..., I did changed all users & root password AND also disabled the cpbackup so that the weekly backup don't get overwritten.

    Only index page hacked & rest of things are as it is. hacker has replaced following files to the root(public_html) directories of respective users

    index.html, index.htm, index.php, default.html, default.htm & default.php . we had manually removed these files from root(public_html) directories of each users & restored their index pages.

    Now i am looking for a script which run & remove hacked pages " index.html, index.htm, index.php, default.html, default.htm & default.php " from /home/*/public_html/ AND restore default index pages from the /baclup/cpbackup/weekly/ to the root (public_html) directories of respective users /home/*/public_html

    so that we & others can save the time.

    Looking for your kind support guys :)
     
    #1 crazyaboutlinux, Apr 26, 2011
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,071
    Likes Received:
    348
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Scroll to the bottom of this very thread and check the "Similar Threads" section. There are multiple threads on this forum concerning this topic that you might find useful. ;)
     
    #2 Infopro, Apr 26, 2011
  3. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    941
    Likes Received:
    0
    Trophy Points:
    66
    These are very old threads around a year so i have opened a new ticket.
     
    #3 crazyaboutlinux, Apr 27, 2011
  4. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    941
    Likes Received:
    0
    Trophy Points:
    66
    any news ??
     
    #4 crazyaboutlinux, Apr 30, 2011
  5. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    941
    Likes Received:
    0
    Trophy Points:
    66
    Hi Guy's

    Any update on this ??
     
    #5 crazyaboutlinux, May 5, 2011
  6. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,609
    Likes Received:
    31
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    You may wish to hire a qualified system administrator who performs script development to help when you have security issues:

    Dev & Sys Admin Services « Application Catalog

    Such services also typically would help after an account has been exploited in fixing it.
     
    #6 cPanelTristan, May 5, 2011
(You must log in or sign up to post here.)
Loading...
Similar Threads - Server Hacked Script
  1. kalexanakis

    Server hacked using pam_fprintd.so?

    kalexanakis, Jun 7, 2017, in forum: Security
    Replies:
    8
    Views:
    1,062
    Jcats
    Jun 23, 2017
  2. martin MHC

    Webmin installed on cPanel server?

    martin MHC, Apr 24, 2018 at 9:43 AM, in forum: General Discussion
    Replies:
    4
    Views:
    29
    cPanelMichael
    Apr 24, 2018 at 11:20 AM
  3. Rogerio

    SSL errors receiving emails from other servers

    Rogerio, Apr 23, 2018 at 12:53 PM, in forum: E-mail Discussions
    Replies:
    3
    Views:
    35
    cPanelLauren
    Apr 23, 2018 at 1:31 PM
  4. Nirjonadda

    You must reboot the server to apply software updates

    Nirjonadda, Apr 20, 2018 at 11:43 AM, in forum: General Discussion
    Replies:
    6
    Views:
    59
    Nirjonadda
    Apr 20, 2018 at 1:47 PM
  5. Bashed

    CBL Listing Due to "Spam Trap Servers"

    Bashed, Apr 19, 2018 at 3:30 PM, in forum: E-mail Discussions
    Replies:
    6
    Views:
    46
    cPanelLauren
    Apr 20, 2018 at 7:46 AM

Share This Page