Hi,
Recently our server got hacked, I checked logs but logs are rotated already so i can not find out how did they got it..., I did changed all users & root password AND also disabled the cpbackup so that the weekly backup don't get overwritten.
Only index page hacked & rest of things are as it is. hacker has replaced following files to the root(public_html) directories of respective users
index.html, index.htm, index.php, default.html, default.htm & default.php . we had manually removed these files from root(public_html) directories of each users & restored their index pages.
Now i am looking for a script which run & remove hacked pages " index.html, index.htm, index.php, default.html, default.htm & default.php " from /home/*/public_html/ AND restore default index pages from the /baclup/cpbackup/weekly/ to the root (public_html) directories of respective users /home/*/public_html
so that we & others can save the time.
Looking for your kind support guys
Recently our server got hacked, I checked logs but logs are rotated already so i can not find out how did they got it..., I did changed all users & root password AND also disabled the cpbackup so that the weekly backup don't get overwritten.
Only index page hacked & rest of things are as it is. hacker has replaced following files to the root(public_html) directories of respective users
index.html, index.htm, index.php, default.html, default.htm & default.php . we had manually removed these files from root(public_html) directories of each users & restored their index pages.
Now i am looking for a script which run & remove hacked pages " index.html, index.htm, index.php, default.html, default.htm & default.php " from /home/*/public_html/ AND restore default index pages from the /baclup/cpbackup/weekly/ to the root (public_html) directories of respective users /home/*/public_html
so that we & others can save the time.
Looking for your kind support guys
