The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Step by step, how do I change my cPanel Ftp passwords and mysql

Discussion in 'Security' started by butter99, Sep 3, 2014.

  1. butter99

    butter99 Member

    Joined:
    Sep 3, 2014
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I need a Step by step on how to change my cPanel Ftp passwords and mysql? And ideas on anything else to change would be good because a hacker changed all my index.php files on like 100 websites.

    I got hacked a few days ago and really need to change this info. Im hoping this would prevent him from getting in and abusing my sites any further. He already changed the index.php to use as his own advert.

    I found this http://forums.cpanel.net/f34/change-all-user-cpanel-password-198772.html
    but not being a programmer, where do I place the "scripts" code to do what is says to do? Do I create a file? Do I go to phpmyadmin? How is it done?

    Also, is there any way to get the original index.php file back? Or, since he changed it, is it gone forever? I did not back up all my sites, so I may just be outa luck for that part. At least many are wp sites, so its not complicated.

    Steps would be fantastic :)
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Was root access obtained on the server or was it isolated to individual accounts? Please keep in mind that if your server was rooted, it's recommended to reinstall the OS/cPanel and restore your accounts from backup. I highly advise consulting with a qualified system administrator if you are unsure how this happened, as changing the passwords is not really going to prevent it from happening again.

    Thank you.
     
  3. butter99

    butter99 Member

    Joined:
    Sep 3, 2014
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    hm, ok.

    I really wouldnt know if they accessed my root or just accounts.

    My cpanel is with hostgator, they told me they could clean it up, but without changing "the passwords" there would be no guarantee that they wouldnt access again and inject code. So I updated all my wordpress sites and plugins and now want to bulk change all my ftp pass and mysql pass and hope that will come closest to eliminating their access. Then I may pay hostgator their fee of $75 so they can "clean up the code" etc.

    If you've got any suggestions for this situation, please advise. I know this happens to tons of people and their must be some procedure for reducing future hacks.

    ideas? change passwords? Which passwords? How?
     
  4. mageshm

    mageshm Well-Known Member

    Joined:
    Apr 17, 2014
    Messages:
    90
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Chennai, INDIA
    cPanel Access Level:
    DataCenter Provider
    @ butter99,

    You are having dedicated server or VPS ?

    It seem's that you don't know how its happened and root causes of issues.

    So better, do what cPanelMichael advised.

    Cpanel recomanded server managment company list is there in cpanel site itself but i don't know the exact link, find it for better solution.
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  6. butter99

    butter99 Member

    Joined:
    Sep 3, 2014
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    my hostgator cpanel is simply business shared hosting. So I wouldnt think they obtained root access, but I guess I wouldnt know.

    Would a professional know how he accessed? Or is it impossible to know?

    If I pay hostgator $75 for "clean up", do you think theyll do a better job than a company or not?
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    I would ask for more information and details about what exact steps they would take. Again, it's likely a better idea to reinstall the OS/cPanel and restore your accounts from backup if your server was rooted.

    Thank you.
     
  8. butter99

    butter99 Member

    Joined:
    Sep 3, 2014
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Yes, I agree about just reinstalling the backup, but the hack occured right in the middle of 10 sites we were building, plus I think code had been injected at some earlier point as well. So who knows where to restore at, plus id lose a bunch of sites, I would imagine.

    Hostgator said, change my mysql pass and ftp pass, but they didnt explain how to do it. Would I have to do that manually with my business shared hosting account? Or, maybe the script would work?
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Again, I really suggest consulting with a qualified system administrator. Simply changing the passwords is not going to do anything but temporarily patch an issue that could happen again if you do not investigate how it happened.

    Thank you.
     
  10. georgeb

    georgeb Well-Known Member

    Joined:
    May 23, 2010
    Messages:
    48
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    Montreal, QC, Canada
    cPanel Access Level:
    Root Administrator
    Yes, but if you are in a shared environment only Hostgator or whatever your provider is, will know exactly what happened consulting the logs of the server.


    Again you don't have to pay $75 because you are not in control of the server or of the security policy, the provider is the one responsible with the security of the server. If you pay that amount probably you have extra money to spend.

    So gain you have to contact Hostgator support to clean up the mess, they are in control of the server where you are hosted. Simple no?
     
  11. butter99

    butter99 Member

    Joined:
    Sep 3, 2014
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Well, hostgator has given me tips, but will not clean my server hacker codes until I pay them $75.

    They did finally say that it would be best to change all FTP and mysql passwords. This is what Ive been wanting to do all along, but nobody has given me any beginner help on how to do so. I found these scripts to "bulk change the passwords", but I dont know where to add the codes or run them---> http://forums.cpanel.net/f34/change-all-user-cpanel-password-198772.html

    This is the script to bulk change all ftp and or mysql pass-->

    1. take all usernames in one file------>
    ls -la /home | awk '{print $3}' | grep -v root | grep -v wheel | grep -v cpanel | grep -v apache >> list.txt

    2. change all passwords randomly----->
    #!/bin/bash
    str0="$$"
    for i in `more users.txt `
    do
    POS=2
    LEN=8 # Make password 8 characters.
    str1=$( echo "$str0" | md5sum | md5sum )
    randstring="${str1:$POS:$LEN}"
    let str0=str0+5
    echo "$i $randstring" >> newpass.txt
    /usr/local/cpanel/scripts/realchpass $i $randstring
    /scripts/ftpupdate
    done


    HOW do I run these scripts? Anybody? Im a beginner when it comes to this stuff. I need to add it to my "business shared hosting at hostgators cpanel". How?
     
  12. butter99

    butter99 Member

    Joined:
    Sep 3, 2014
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    well, I never figured out how to use this script to change all my ftp pass and mySQL pass, so I just changed them all manually. DONE

    If someone wants to explain, that would be great for next time someone hacks a hostgator shared hosting account.
     
Loading...
Similar Threads - Step step change
  1. Tap@s
    Replies:
    3
    Views:
    40

Share This Page