• The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Compromised - Need rebuild best practice info...

C

C4talyst

Guest
I've inherited a few Plesk boxes, one of which has 500 domains/sites on it. Today I found this machine has been root level compromised. I was hoping some you could enlighten me on best practices for rebuilding / recovering from this.

I'm guessing I'll need to stand up a new machine, harden it and then start migrating clients to it. Any thoughts? Thanks!
 
First of all you will need to find out how they broke in.
Then you will need a backup of all important files, like /var/www/vhosts* , /var/qmail/*, /etc/, /var/lib/mysql (and also create a dump from all database), /usr/local/psa/

Then after backup is done, you need to reinstall the server, install SAME version of PLESK, and start to restore data.
You can do this manually or automatically, but in any case will be painful and time consuming.
 
You must log in or register to reply here.

Similar threads

L
Issue Being logged out of Plesk after nearly every page (error 400)
Replies
2
Views
3K
Himanshu Goyal
H
C
Question Plesk Ubuntu with Microsoft Azure - Geo replication
Replies
0
Views
2K
corend
C
E
How to Set up Your WordPress Website Security
Replies
0
Views
2K
Elvis Plesky
E
lvalics
Resolved CBL and PLESK
Replies
3
Views
3K
trialotto
T
KublerMDK
Resolved Being logged out of Plesk after nearly every page (error 400 with cookie delete)
Replies
6
Views
18K
rhyslk
R
Back
Top