Thread: Cleaning Malware from website
Good link DocBop. Myself, I keep the source web pages backed up (in version control) along with md5sums. So, I can check the current site, and if the checksums have changed, then I know I've been pwnd. In such a case I do this:
0. Change root (and if necessary web-browser) password, along with disabling all sudo access to the root account.
1. Take site off-line, with an "under maintenance" static page (read-only - not capable of modification by anybody).
2. Figure out why I was vulnerable.
3. Fix vulnerability and re-install known infected pages.
4. Set up inotify to inform me if anything changes any of the pages on the site.
5. Re-enable the site.
This is a general roadmap.
Sometimes, real fast is almost as good as real time.
Just remember, Semper Gumbi - always be flexible!