![]() ![]()
Then after installing fresh/new copies of the sites I would use the tools' backup/restore facilities to transfer data from your hacked system to the newer system - but would suggest being very careful about this because it's possible that the code in your current site has been modified to include extra rubbish in the backup files. ![]() Then I would make sure the main webroot file permissions are set on the new server to be read-only. If you have installed any 3rd party add-ons/plugins to Moodle/Joomla/Virtumart I'd check to make sure none of those are known to have security issues - there's a big warning about older versions of virtuemart here: #MACCLEAN OK MALWARE INSTALL#I would probably set up a new server and install the latest versions of Moodle/Joomla, Virtumart (make sure you don't install the old versions you are probably using) - I would also be tempted to isolate those 3 applications further onto separate servers - so that if you get hacked again it's likely only one of those systems that will be affected. To do this on your own will be quite a bit of work and requires some specialist knowledge - if you go and do it yourself it's possible you will just end up in the same place again. I have root access - dedicated, rented server.Īny advice and/or solution will be appriciated. I've done a lot of googling, but nothing has helped me solve this issue. Please find the nginx config file for the Moodle website in the attachments. NotesĬhanges to the webserver configuration have to be made through the ISPManager panel. Sometimes websites drop, but can be brought back by restarting php5-fpm. The server resources are sometimes used all the way up to 100%. The malicious files are uploaded to all folders except for data and vmfiles.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |