How to deal with a compromised website running on shared hosting?
I'm looking answers for:
- What are the steps should I follow in order to take back the control and block any future attacks by the same vulnerabilities?
- How to know what vulnerability was used by the hacker to exploit? (I guess, this is not going to be a straight answer but I'm expecting best possible).
- Any scanning or ways to identify the malicious codes?
Some of the technical details here -
- Shared PHP web hosting.
- The account contains multiple add-on domains including the ones running wordpress and custom PHP.
- Hosted on one of the popular web hosting companies running on Linux.
Some of the symptoms noticed -
- The homepage is being redirected to some other URL where advertisements are hosted.
- Homepage is defaced.
- Some of the source code has been changed. The file has been updated with a lot of code encrypted by regular expression.
- .htaccess is updated.
I've looked at How do I deal with a compromised server?
Please free to comment to ask me more details if required.
TIA, Pavan
Aucun commentaire:
Enregistrer un commentaire