Account Compromised Question

filip212

• August 31, 2017 13:04

Hello, I have some security issues. Some hacker send me list of domains with their real ftp accounts usernames and send me database name and password of one web which have webhosting at us. Website where he know db name and password using wordpress config.php permissions have on 644 He created account and upload some scripts with which help he know this. How can i avoid this in future?

• 

  filip212

  • August 31, 2017 18:25

  .htaccess of that ftp account SecFilterEngine Off SecFilterScanPOST Off and he have many symlinks like config.php: Link/shortcut file config.php Point link/shortcut to: /home2/user/public_html/config.php Scripts are from web [removed]

  0
• 

  cPanelMichael

  • September 01, 2017 14:55

  Hello, It's difficult to pinpoint the specific vulnerability or exploit used by an attacker to hack your server or websites. One could speculate on common methods (e.g. symlink attack), but it really requires a qualified system administrator to investigate the logs on your server and determine the source of the attack. There is a thread here where a similar question is asked: Log Files To Check After Account Hacked Thank you.

  0

Please sign in to leave a comment.