Hi I have VPS with Godaddy and I got hacked as it seems... Hacked by Tn_Scorpion CLICK Please help me, what can I do about it and how can I prevent it from happening again?
What content you have previously? Does domain is hacked or hosting. Check it . You still able to login to hosting and domain.
I am still able to login! Everything works, buy all index files were replaced with this "hacked by" site Please help I know exact time of when it was done because all index files were modified then. How can I check now all processes that run at that time? Please don't say check the logs. Please be as specific as you can. I am using WHM/Cpanel Thank you very much!
I will restore backups but I need to find out how he/she got through first... It wasn't through passwords as only files were changed... I suppose there is a problem in my code and then he/she managed to get through and change my files How can I find out from which script this the hacker enter my server? Please help
Hi Mate, Tn_Scorpion is a hacker from old school MagAttack and THA (Tunisian Hack Attack). i think this hacker dont have any problem with you but if you host your files under Godaddy isnt a good idea all their server are easy to hack (alot of linux security vulnerabilities). Any questions be welcome. Cordially.
How may I protect myself from it happening again I'm just trying to open my own small online business and have a poor understanding of server maintance...
Many different ones. Mostly wordpress. I don't think we'll be able to locate it like that. I need to somehow find processes list and then locate throug which script he/she made it through.
it is recommended to update wordpress everytime there is available updates and you might wanna edit your htaccess to protect and avoid not to happen again.
Was wordpress updated to the latest version? Many of these "hackers" search the web for websites running scripts/versions with know vulnerabilities. The following article may help you make sure your wordpress is as secure as possible: http://codex.wordpress.org/Hardening_WordPress
I will look into that link. How can I edit htaccess file? Any way I can find out which particular hole was the problem?
first : you godaddy hosting isnt good protected (i like Godaddy domain and SSL) but i never like their hosting. second : you have installed a bugy plugin in wordpress (like video plugins or something like) or using old wordpress version. third : are you using (a yahoo anwser script or similar ??) so much web sites are hacked du a security vulnerabilities on script like that. are u using Fantastico in cpanel 11.X ?? there is a version with big security hole you must verify that( i mean Fantastico). Any others questions ?? Cordially. You must update and protect your web server
well I will upgrade all my wordpress sites and their plugins and keep them up to date. I will also create full backups regulary and hopefully I will not be the target anymore. But I guess you can never be 100% safe and they can always find a way to get in... I just hope they skip me next time. Edit: I have one more question please. How are these attacks made? All my index files were changed. Was a script uploaded to the server that did this, or did the attacker somehow gained access to my server via FTP?
it seems we must continue to update wordpress. I have 2 websites made with wordpress, its hacked because late in updated.