Facebook
Twitter
-
If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
CentOS2Alma discussion
Issue Mysql and server hacked
- Thread starter amir
- Start date
You can try to identify files that have been updated recently, for instance during the past two days:
# find ./* -mtime -2
This can help to find an infection. But normally once a Joomla or Wordpress website is infected, you will need to delete it and replace it with a uninfected copy, change the passwords of your account and remove the vulnerable plugins that the hackers used to break into the server.
If you have not shielded subscriptions against root access (for instance if you did not disable PHP commands shellexec(), exec() and so on), then you can equally well wipe the whole system and start over from scratch, because in that case a hacker will likely have infected many other places on the system, too, that you might never find.
# find ./* -mtime -2
This can help to find an infection. But normally once a Joomla or Wordpress website is infected, you will need to delete it and replace it with a uninfected copy, change the passwords of your account and remove the vulnerable plugins that the hackers used to break into the server.
If you have not shielded subscriptions against root access (for instance if you did not disable PHP commands shellexec(), exec() and so on), then you can equally well wipe the whole system and start over from scratch, because in that case a hacker will likely have infected many other places on the system, too, that you might never find.
