
Compromised - Need rebuild best practice info...

C4talyst

Guest
I've inherited a few Plesk boxes, one of which has 500 domains/sites on it. Today I found this machine has been compromised at root level. I was hoping some of you could enlighten me on best practices for rebuilding / recovering from this.

I'm guessing I'll need to stand up a new machine, harden it and then start migrating clients to it. Any thoughts? Thanks!
 
First of all you will need to find out how they broke in.
Then you will need a backup of all important files, like /var/www/vhosts* , /var/qmail/*, /etc/, /var/lib/mysql (and also create a dump of all databases), /usr/local/psa/

Then, after the backup is done, you need to reinstall the server, install the SAME version of Plesk, and start to restore the data.
You can do this manually or automatically, but in any case it will be painful and time-consuming.
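
The backup step from the reply above, as an added example that is not part of the original thread: it archives the listed directories, notes any that are absent, and writes a checksum list so the copy can be verified once it is off the compromised machine. The function names, output file names and the ROOT argument are assumptions made for this sketch, and dump_databases assumes mysqldump can already authenticate (for example through ~/.my.cnf).

```shell
#!/bin/sh
# Added example: archive the directories named in the reply and checksum them.
# ROOT is / on the real server; another ROOT lets you rehearse on a test tree.
PLESK_PATHS="var/www/vhosts var/qmail etc var/lib/mysql usr/local/psa"

backup_paths() {
    root=$1; dest=$2
    mkdir -p "$dest" || return 1
    : > "$dest/MISSING.txt"
    for p in $PLESK_PATHS; do
        if [ ! -e "$root/$p" ]; then
            # Record gaps instead of skipping them silently
            echo "$p" >> "$dest/MISSING.txt"
            continue
        fi
        name=$(echo "$p" | tr '/' '_').tar.gz
        # -p keeps permissions; --numeric-owner keeps uid/gid even when
        # the account names differ on the rebuilt server
        tar -C "$root" -czpf "$dest/$name" --numeric-owner "$p" || return 1
    done
    # Checksums of the archives, taken before they are copied anywhere
    ( cd "$dest" && sha256sum -- *.tar.gz > SHA256SUMS )
}

verify_backup() {
    # Non-zero exit if any archive no longer matches its recorded checksum
    ( cd "$1" && sha256sum -c SHA256SUMS >/dev/null )
}

dump_databases() {
    # Logical dump in addition to the raw /var/lib/mysql copy.
    # Assumption: credentials are supplied by the client config, not here.
    mysqldump --all-databases --single-transaction --routines --events \
        > "$1/all-databases.sql"
}
```

On the server this would be called as backup_paths / /mnt/backup followed by dump_databases /mnt/backup, where /mnt/backup is a placeholder for storage outside the compromised system.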
 