Finding deleted folders in the log

nanrector

• December 15, 2014 14:18

Hello! I've had a wordpress theme folder deleted from a web site server and I'm trying to figure out when it happened so we can determine who may have done it. I've found the log files in the cpanel File Manager and the theme shows up for the last time at 10:01pm last night. However I have no idea what the entries mean. Is there a easy way for me to tell when a folder was deleted? The theme was called flycase. Here is the last entry that references it: 157.55.39.126 - - [14/Dec/2014:20:01:02 -0600] "GET /wordpress/wp-content/themes/flycase/js/jquery.swipebox.min.js?ver=1.2.1 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" Appreciate any input. Nancy

• 

  cPanelMichael

  • December 16, 2014 17:44

  Hello :) Your access level is listed as "Website Owner". Do you have root access to this system or only access to cPanel itself? Thank you.

  0
• 

  nanrector

  • December 16, 2014 18:21

  I'm not quite sure what root access means. My domain is hosted with a company.

  ]Hello :) Your access level is listed as "Website Owner". Do you have root access to this system or only access to cPanel itself? Thank you.

  
  

  0
• 

  cPanelMichael

  • December 17, 2014 18:47

  I suggest reporting this issue to your web hosting provider so they can take a closer look at the Apache/FTP/cPanel logs to see if they can determine how this happened. Thank you.

  0
• 

  nanrector

  • December 18, 2014 16:11

  I have contacted them. Unfortunately they said they could not see where it was deleted. Very poor hosting company. I did see in the raw logs that the wordpress login was accessed every second of a full day. Thousands and thousands of attempts. This was the day before I see the theme missing. So they obviously got in. I just can't see where it shows it was deleted. Or what would be the purpose. I've added a security plugin to prevent that in the future.

  0
• 

  cPanelMichael

  • December 18, 2014 17:44

  Note that WordPRess does offer some advice for brute force attempts: [url=http://codex.wordpress.org/Brute_Force_Attacks]Brute Force Attacks " WordPress Codex Thank you.

  0
• 

  nanrector

  • December 24, 2014 21:55

  ]Note that WordPRess does offer some advice for brute force attempts: [url=http://codex.wordpress.org/Brute_Force_Attacks]Brute Force Attacks " WordPress Codex Thank you.

  
  Great info on that link. Thanks!

  0

Please sign in to leave a comment.