romanepo

Active Member
Sep 24, 2013
25
0
1
cPanel Access Level
Root Administrator
Hi,
I installed new centos and whm server.After restore backup i see my all website hacked step by step.How to i stop race symbolic atack whm and protect my whm server.Please need urgent solution.

Thank You
Roman E
 

24x7server

Well-Known Member
Apr 17, 2013
1,894
91
78
India
cPanel Access Level
Root Administrator
Yes, I will also suggest you to secure your server before restoring your account. Also scan your full server and please see if there are any root symlinks are available. This kind of attack generally occurs when root level hacking occurred. I would suggest you to have a look on below security checklist that you should perform :

==================================
Install CSF
Inistall Mod-Security with Advanced Rules
Inistall Clamav Anti Virus
Inistall Maldet and scan your full server
Inistall LSM
Inistall PRM
Lockdown & Hardening the Root Password
Secure SSHD Port
sysctl.conf Hardening
host.conf Hardening
Network Security with hosts.allow & hosts.deny
nsswitch.conf Hardening
Enable DDOS Protection
Root Login Email Notifications
Noexec, Nosuid Temporary Directories (noexec Directories such as /tmp, /var/tmp, /dev/shm)
Security Updates as released by OS and/or Control Panel
Disable Unwanted Services
Enable PHP Open_Basedir Protection
Enable mod_userdir Protection
Securing Console Access
PHP5 Hardening with disabling php functions.
Configuring Anti-Spam Features to Reduce Spam
==================================