Category: ASP
My server has been hacked.
Hyve holds no responsibility for servers or websites which are hacked and may need to shut down servers or websites to avoid network saturation and malicious activity on our network.
We recommend the following mitigation actions are carried out immediately:
- Change passwords to all FTP Accounts
- Change passwords to all Email accounts
- Change passwords to all SSH and RDP logins
- Check site permissions do not grant everyone full control or give 777 permissions to any sites
- Delete any malicious code such as iframe injections etc.
- Restore site from previous unhacked version if need be
- Ensure all forms have a captcha or honey pot
- Update all software on the server including versions of databases, application server software such as php, .NET and ColdFusion
- Update all CMS software such as WordPress, Joomla etc.
- Update any and all control panel software versions such as Plesk or Cpanel
- Update all operating system software such as Linux and Windows.
- Ensure appropriate firewall rules are in place
- Ensure admin/management systems are locked down by VPN or static IP
Your developer will need to cleanse all code thoroughly to ensure all malicious files are removed from the server. A server rebuild may be necessary.
Create a plan to update all the above on a regular bases.
Please contact our support team immediately to inform us whether you wish to carry out mitigation actions yourself or if you wish for Hyve to consult with you and carry out the work for you. We will most likely need to charge extra management fees to cover this work and may recommend compulsory platform changes to avoid issues in the future. If you wish to carry out the procedure yourself, we will need to be informed of your plan of action.