My site has been hacked
Category: General Server Setup
Hello my site was hacked a couple weeks ago. Since then I have removed all foreign files that I could find and I changed all the passwords however I just logged in and they had deleted all of my files. After contacting your support they are uploading a backup they had made however they told me to contact so that you may be able to shed some more light on the situation. I would like to know how they could possibly have done this as files outside of public_html had been deleted too.
The experience you have had means the hacker most likely had access to your account password and came in either via FTP or the cpanel itself. This would give them direct access to everything, even above the public_html folder.
It is very likely this information was gotten from your home computer, that is where the majority of security violations occur.
I have a link here that gives a detailed explanation on securing yourself from additional hacks. This should help you get secure once again.
Steps to Take After a Hack
Like this Question? Tweet
Related ArticlesHow to run Exim on an additional port
How to open a port in your firewall
How to increase the FTP visible file limits via command line
SoftException UID is smaller than min_uid
Understanding Linux Inode basics