How to restore all files backups and a mysql separately?

postcd

• August 29, 2017 18:52

Hello, when the WHM server is root compromised/hacked, what is the steps to restore it on a new WHM server? I have incremental backups, the most recent backup has "backup_incomplete" file in its folder, the number of cpanel account folders seems OK. I installed new server on CentOS 6. I exported mysql databases on old server and imported on new server (Export and Import all MySQL databases at one time) Now assuming i should be restoring all incremental fullbackups that i already moved to a new server into folders: /backup/2017-08-28 /backup/2017-08-29 I will also be following securing tips at: Tips to Make Your Server More Secure - cPanel Knowledge Base - cPanel Documentation Please how do you advise me to restore, how differently you would restore so i have newest mysql backups and files from the last day's fullbackup. I can not use recent cpanel's files as hacker was active modifying them. Well maybe only replaced index.php files and adding two other malicious php files in same directory. I could delete these and replace index.php files from backup, than scan the directories for modified files to find leftovers. Thank You

• 

  cPanelMichael

  • August 31, 2017 14:55

  Now assuming i should be restoring all incremental fullbackups that i already moved to a new server into folders: /backup/2017-08-28 /backup/2017-08-29

  
  Hello, I recommend restoring the accounts on the new server first, before importing the MySQL databases. You can follow the instructions documented at: Backup Restoration - Version 66 Documentation - cPanel Documentation Once the accounts are restored, you can then manually import the MySQL databases if they are not included as part of the account backups: SSH command to copy all databases to a new location Thank you.

  0

Please sign in to leave a comment.