Help! I’ve Been Hacked!

Filed under Server Security | Posted by Gary

It’s a cry for help that I’m hearing more and more lately. That is due in part to there being several organised groups on the Internet who are very actively defacing websites. You may have even seen some of the defaced sites. One of the most active groups is a Turkish group that has, on some days, been able to deface thousands of sites with their automated scripts. Fortunately this type of ‘hack’ is generally fairly easy to repair and a script update will usually ‘plug the hole’. Still, it can be a scary experience to open the home page of your website and see a totally different page.

That’s the good news! The bad news is that if you have a dedicated server then the remedy may not be so easy. Particularly if someone has managed to get root access. The only safe way to ‘repair’ your server in that case is to do a full, clean re-install of the operating system and all of your files after identifying exactly how the intruder managed to get root access. This can be costly and time consuming depending on how successful the intruder was at hiding his tracks. This is also one of the main reasons we at The Dedicated Server Doctor monitor our customers’ system log files in real time. All system logs are archived into a database so that if an intruder does manage to get in, we may be able to see where they came from and which service they were able to exploit.

Remember, your server is only as secure as you make it. Weak passwords and outdated scripts and services will almost certainly lead to a compromised server.

You must be logged in to post a comment.