Facebook
Twitter-
The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
-
We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.
Issue Mysql and server hacked
- Thread starter amir
- Start date
You can try to identify files that have been updated recently, for instance during the past two days:
# find ./* -mtime -2
This can help to find an infection. But normally once a Joomla or Wordpress website is infected, you will need to delete it and replace it with a uninfected copy, change the passwords of your account and remove the vulnerable plugins that the hackers used to break into the server.
If you have not shielded subscriptions against root access (for instance if you did not disable PHP commands shellexec(), exec() and so on), then you can equally well wipe the whole system and start over from scratch, because in that case a hacker will likely have infected many other places on the system, too, that you might never find.
# find ./* -mtime -2
This can help to find an infection. But normally once a Joomla or Wordpress website is infected, you will need to delete it and replace it with a uninfected copy, change the passwords of your account and remove the vulnerable plugins that the hackers used to break into the server.
If you have not shielded subscriptions against root access (for instance if you did not disable PHP commands shellexec(), exec() and so on), then you can equally well wipe the whole system and start over from scratch, because in that case a hacker will likely have infected many other places on the system, too, that you might never find.
Similar threads
