Sites hacked, need advice on recreating reseller account

Shamballa

Registered
Mar 2, 2012
1
0
51
cPanel Access Level
Reseller Owner
Hello

My reseller account recently got hacked (cheers guys :D) many of the joomla sites on the account were accessesd and passwords changed, I am assuming all sites compromised beyond my knowledge and must start again. I am looking for advice for the safest and best way to do this without having to wipe all out and start again. I know I must delete at some point but I want to do this with minumum downtime over a period of weeks. Is it best to get a whole new acount and create new sites then change nameservers or is it best to reuse same accout, if so I cant figure out how to build a new version of the site when the hacked version is still live?

Any help much appreciated, thank you
 

Infopro

Well-Known Member
May 20, 2003
17,075
524
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
If the account is hacked it should be taken offline. You can go thru a backup of it for your theme, images etc, stuff you can salvage. (make sure the timthumb script is not in that theme)

If the server has been compromised, same goes there. It should be taken offline. If you're not sure how secure the server is there really is no other way to know if its safe or not without a proper security expert looking at it for you.

You can find several options here for that if you're interested:
Dev & Sys Admin Services « Application Catalog