Web Site Security Breaches
From Lunarpages Web Hosting Wiki
Having your web site's security breached is never a fun thing to wake up and find in the morning. It can be a pain to deal with, so with that in mind, here are some helpful tips and suggestions on the steps you should take to get your web site back to normal.
Contents |
Update Your Passwords
The first thing you should do is update your hosting account password. When doing so, please make sure you are doing it from a known good machine (that could not have been infected). If not, then if you had a keylogger (for example) on your computer, it could grab the new password too. This can be done via the Customer Account Page:
You might also want to update your password for other Lunarpages services you are signed up for. You can check the Account and Control Panel Logins page for more information about all of our services you may have login information for. Main ones to remember would be our forums, help desk and your hosting account. Do you have any scripts (like forums, blogs, galleries) that would use a user name and password to login to the administrator section? If so, you should update the password on any of them you have installed on your hosting account.
Scan Your Computer for Viruses, Keyloggers, Malware and More
There are many bad things that you may download on purpose or by accident on the Web that could effect your computer. There have been known cases where infected files could be uploaded to your hosting account by mistake too. Be sure to fully scan your computers with an anti-virus program.
There are many different ones to choose from, if you do not have one installed. Try Trend Micro's HouseCall. It runs from the browser, and scans your computer for viruses, spyware, or other malware.
Note that while windows is the most often targeted OS, Mac (and Linux/Unix with MacOSX as an extension of Unix) is not impervious and is starting to see more and more malware targeting it as its market share and popularity increases.
Clean Up Your Web Site Files
Another important step when it comes to dealing with web site security breaches is to get every last bit of the exploit to keep it from coming back. They usually plant a back door. You want to review your web site files and look for anything that does not belong, or you can not identify as being apart of your web site or scripts you have installed.
Here's the basic list of files/folders on new linux-based (Basic and Business) accounts:
- /etc
- /public_html
- /public_html/cgi-bin
- /public_html/.htaccess
- /public_ftp
- /tmp
- /www
- /.lastlogin
- /.contactemail
You may also see the following, depending on your account activity:
- /.fantasticodata
- /.cpanel
- /.cpanel-datastore
- /.htpasswd
Additional Resources
Want to read this in another language? | Web Hosting Support Categories: Beginner | Billing & Sales | Web Design | LPCP | cPanel | Plesk | Quicksite | PageMason | E-mail | Databases | Domain Names | Reseller | Dedicated | VPS | ASP | JSP | PHP | Third Party Scripts | Affiliates | Misc |
Lunarpages Deal: Save $72 on your next Business web hosting plan! Starting at $18.95 per month, this an offer you can't miss. Perfect for business and e-commerce hosting sites, comes with free e-commerce tools and a TremenDesk Help Desk. Limited time offer!
