Remove Sites from Compromised Server?

Muhamed Asil

• October 13, 2018 01:51

The accounts which hosted on my server and installed WordPress stopped and redirect to spam websites and sending spam emails. the server seems hacked. what should I do please?

• 

  Anupam SG

  • October 13, 2018 10:21

  If the server is hacked you may need to wipe the server, unless you are able to ascertain which all directories are infected.

  0
• 

  cPanelLauren

  • October 16, 2018 16:47

  HI @Muhamed Asil In a lot of cases, this originates from a WordPress installation having a vulnerable plugin or theme. While difficult to clean I don't think it (unless root compromised) would be necessary to wipe the entire server and start fresh. I would suggest reading over some of WordPress's articles on how to resolve issues that come about such as this but ultimately you need to remove the source of the issue, audit your files and potentially use a malware scanner such as ClamAV or Linux Malware Detect (there's a bunch of others too) to check the integrity of the files. If you're at a complete loss then I would suggest contacting a qualified system administrator for assistance. If you don't have one you might find one here: System Administration Services | cPanel Forums Thanks!

  0

Please sign in to leave a comment.