Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Server Hacked :( Script to replace index file from backup

Discussion in 'General Discussion' started by crazyaboutlinux, Apr 26, 2011.

  1. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    939
    Likes Received:
    0
    Trophy Points:
    66
    Hi,

    Recently our server got hacked, I checked logs but logs are rotated already so i can not find out how did they got it..., I did changed all users & root password AND also disabled the cpbackup so that the weekly backup don't get overwritten.

    Only index page hacked & rest of things are as it is. hacker has replaced following files to the root(public_html) directories of respective users

    index.html, index.htm, index.php, default.html, default.htm & default.php . we had manually removed these files from root(public_html) directories of each users & restored their index pages.

    Now i am looking for a script which run & remove hacked pages " index.html, index.htm, index.php, default.html, default.htm & default.php " from /home/*/public_html/ AND restore default index pages from the /baclup/cpbackup/weekly/ to the root (public_html) directories of respective users /home/*/public_html

    so that we & others can save the time.

    Looking for your kind support guys :)
     
    #1 crazyaboutlinux, Apr 26, 2011
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,633
    Likes Received:
    449
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Scroll to the bottom of this very thread and check the "Similar Threads" section. There are multiple threads on this forum concerning this topic that you might find useful. ;)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 Infopro, Apr 26, 2011
  3. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    939
    Likes Received:
    0
    Trophy Points:
    66
    These are very old threads around a year so i have opened a new ticket.
     
    #3 crazyaboutlinux, Apr 27, 2011
  4. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    939
    Likes Received:
    0
    Trophy Points:
    66
    any news ??
     
    #4 crazyaboutlinux, Apr 30, 2011
  5. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    939
    Likes Received:
    0
    Trophy Points:
    66
    Hi Guy's

    Any update on this ??
     
    #5 crazyaboutlinux, May 5, 2011
  6. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,608
    Likes Received:
    33
    Trophy Points:
    238
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    You may wish to hire a qualified system administrator who performs script development to help when you have security issues:

    Dev & Sys Admin Services « Application Catalog

    Such services also typically would help after an account has been exploited in fixing it.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #6 cPanelTristan, May 5, 2011
(You must log in or sign up to post here.)
Loading...
Similar Threads - Server Hacked Script
  1. kalexanakis

    Server hacked using pam_fprintd.so?

    kalexanakis, Jun 7, 2017, in forum: Security
    Replies:
    8
    Views:
    1,721
    Jcats
    Jun 23, 2017
  2. Naila

    New Thread Gmail SMTP For External outgoing mail server

    Naila, Jan 17, 2019 at 5:26 AM, in forum: E-mail Discussion
    Replies:
    0
    Views:
    30
    Naila
    Jan 17, 2019 at 5:26 AM
  3. domeneas

    New Thread Large number of Rejected relay attempts on server

    domeneas, Jan 17, 2019 at 3:59 AM, in forum: E-mail Discussion
    Replies:
    0
    Views:
    35
    domeneas
    Jan 17, 2019 at 3:59 AM
  4. Fresh Studio

    New Thread SMTP error from remote mail server after pipelined mail error

    Fresh Studio, Jan 16, 2019 at 4:00 PM, in forum: E-mail Discussion
    Replies:
    0
    Views:
    47
    Fresh Studio
    Jan 16, 2019 at 4:00 PM
  5. thewm

    Malicious Outgoing Connection to another server

    thewm, Jan 15, 2019 at 12:50 PM, in forum: Security
    Replies:
    1
    Views:
    56
    cPanelLauren
    Jan 17, 2019 at 12:22 PM

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice