Malware can be tough to find and eradicate, especially in the time restraints of a production environment. So here are some steps to try. http://www.openlogic.com/wazi/bid/338314/how-to-locate-and-clean-malicious-code-on-your-website?source=Blog_Email_[How%20to%20locate%20and%20cl]...
- 03-06-2014 #1
Cleaning Malware from website
- 03-16-2014 #2
- Join Date
- Apr 2009
- I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
Good link DocBop. Myself, I keep the source web pages backed up (in version control) along with md5sums. So, I can check the current site, and if the checksums have changed, then I know I've been pwnd. In such a case I do this:
0. Change root (and if necessary web-browser) password, along with disabling all sudo access to the root account.
1. Take site off-line, with an "under maintenance" static page (read-only - not capable of modification by anybody).
2. Figure out why I was vulnerable.
3. Fix vulnerability and re-install known infected pages.
4. Set up inotify to inform me if anything changes any of the pages on the site.
5. Re-enable the site.
This is a general roadmap.
Sometimes, real fast is almost as good as real time.
Just remember, Semper Gumbi - always be flexible!
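
The checksum comparison described in the post above, as an added example that is not part of the original thread: it records a baseline manifest for a web root and later reports files that were changed, removed, or newly added. The function names and the command-line entry point are assumptions, and `sha256sum` is used here in place of the `md5sum` the post mentions.

```bash
#!/usr/bin/env bash
# Added example: baseline-and-verify integrity check for a web root.
# Function names and paths are assumptions; sha256sum stands in for md5sum.
# Keep the manifest outside the web root (e.g. in version control).

# Write "hash  ./path" for every regular file under $1 into manifest $2.
make_manifest() {
    local root="$1" out="$2"
    ( cd "$root" && find . -type f -print0 | sort -z | xargs -0 -r sha256sum ) > "$out"
}

# Compare web root $1 with baseline manifest $2.
# Prints one line per difference; returns 0 if identical, 1 otherwise.
verify_site() {
    local root="$1" baseline="$2" current report
    current=$(mktemp)
    make_manifest "$root" "$current"
    # A sha256 hex digest is 64 chars, then two separator chars, then the path.
    report=$(awk '
        FILENAME == ARGV[1] { base[substr($0, 67)] = substr($0, 1, 64); next }
        {
            path = substr($0, 67); hash = substr($0, 1, 64)
            if (!(path in base))         print "ADDED   " path
            else if (base[path] != hash) print "CHANGED " path
            delete base[path]
        }
        END { for (p in base) print "MISSING " p }
    ' "$baseline" "$current" | sort)
    rm -f "$current"
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# Command-line entry point: baseline|verify <webroot> <manifest>
case "${1:-}" in
    baseline) make_manifest "$2" "$3" ;;
    verify)   verify_site "$2" "$3" ;;
esac
```

Unlike a plain `sha256sum -c` run, which only checks the files listed in the manifest, this also flags files that appeared in the web root after the baseline was taken.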