Moving a hacked site, is it safe ?

Portal Home > Knowledgebase > Articles Database > Moving a hacked site, is it safe ?

Posted by itajooba, 04-30-2010, 05:57 AM
Hi guys, we just got a request from a shared customer who want to move his hacked site (which was hosted to some other provider) http://balajiconsultancysurendra.com/, We was wondering what safty measure should we take or should we host this site ?
Posted by madaboutlinux, 04-30-2010, 06:01 AM
I would have asked the client to clean up his website files/databases first and then host his website. It may contain malicious scripts that may harm other websites hosted on your server...
Posted by assistanz247, 04-30-2010, 06:05 AM
First of all you need to know what kind of hack that site had, if it is some sort of javascript injection or Malware you need to be very careful. Its always better you ask them to come up with a backup which is not affected by this hack.
Posted by itajooba, 04-30-2010, 06:06 AM
Looking into his site it look like someone has hacked his cpanel account http://balajiconsultancysurendra.com/
Posted by Extremeseo, 04-30-2010, 06:19 AM
It looks like to me that someone has defaced his site using some shell script,ask him to update his site script to latest version,change all passwords of site,and then scan his site for viruses,he can use offline computer scanner for this purpose, Thanks kind regards
Posted by sbunnithan, 05-01-2010, 05:25 AM
Issues like hacking occurs when there are outdated softwares running on a site, world readable permission of the files/folders, easily guessable passwords etc. If a site gets hacked firstly change the password of the site. Please also make sure that you are using a secure password which contains at least one digit and special character. Check all files/folders for 777 permissions and if found any change it to 755.Make sure that all third party applications(such as phpBB, WordPress etc) installed on the website, if any, are up-to-date
Posted by Hillockhosting, 05-02-2010, 10:49 AM
Make sure you change all FTP and cPanel password Change permission recursively of public_html directory to 755 check if any perl or malicious scripts are present.
Posted by jphilipson, 05-02-2010, 12:07 PM
I bet the site is running Joomla, like 95% of site hacks I have seen recently.
Posted by The_Dominator, 05-02-2010, 12:23 PM
its not only joomla - but also wordpress and others - the big problem is these programs prompt for easy permission changes to 777 as well as exploits since the programs gain in popularity - As hosts we can put in firewalls, security scans, etc - but nothing is bullet proof
Posted by Hillockhosting, 05-02-2010, 12:37 PM
It cannot be blamed on Joomla. Not all Joomla sites are hackable. It depends on users knowledge of using Joomla.