symbolic atack whm

romanepo

• October 27, 2013 05:56

Hi, I installed new centos and whm server.After restore backup i see my all website hacked step by step.How to i stop race symbolic atack whm and protect my whm server.Please need urgent solution. Thank You Roman E

• 

  Infopro

  • October 27, 2013 12:17

  Someone else may have a better solution, but I would suggest you reload that server again from the top, and secure it. And then take a closer look at that backup before attempting to restore it.

  0
• 

  24x7server

  • October 27, 2013 13:10

  Yes, I will also suggest you to secure your server before restoring your account. Also scan your full server and please see if there are any root symlinks are available. This kind of attack generally occurs when root level hacking occurred. I would suggest you to have a look on below security checklist that you should perform : ================================== Install CSF Inistall Mod-Security with Advanced Rules Inistall Clamav Anti Virus Inistall Maldet and scan your full server Inistall LSM Inistall PRM Lockdown & Hardening the Root Password Secure SSHD Port sysctl.conf Hardening host.conf Hardening Network Security with hosts.allow & hosts.deny nsswitch.conf Hardening Enable DDOS Protection Root Login Email Notifications Noexec, Nosuid Temporary Directories (noexec Directories such as /tmp, /var/tmp, /dev/shm) Security Updates as released by OS and/or Control Panel Disable Unwanted Services Enable PHP Open_Basedir Protection Enable mod_userdir Protection Securing Console Access PHP5 Hardening with disabling php functions. Configuring Anti-Spam Features to Reduce Spam ==================================

  0

Please sign in to leave a comment.