Malicious content on my site
Posted: Wed Dec 16, 2009 12:53 pm
Hi guys,
I wonder if anyone can help with a problem I have had. I got a report from my hosting company that there was some malicious content on my site which was being used for phishing attacks.
My site is running the latest CMSMS, plus a copy of the latest Wordpress in a subdirectory. The hosting company reported that the malicious content was in an exe file (but my host is Linux) and a bunch of other files in CMSMS directories:
html/.smart/
html/includes.php
html/modules/FileManager/postlet/.npe
html/modules/FileManager/postlet/.ssh/
They cannot say when the content got uploaded, or via what mechanism.
So, my real question is how can I do a completely clean installation which then duplicates my existing site? I want to zap all files and only put back those which must be there... I can then use the Validation routines to ensure I start with a clean site. I did a mysql backup and clean install on another system, but the mysql had problems (Â characters instead of unicode) and I really don't want to have to clean all that up! Does anyone have a step-by-step how-to of backup and restore, possibly to a mysql server with different default settings?
TIA
Smotsie
I wonder if anyone can help with a problem I have had. I got a report from my hosting company that there was some malicious content on my site which was being used for phishing attacks.
My site is running the latest CMSMS, plus a copy of the latest Wordpress in a subdirectory. The hosting company reported that the malicious content was in an exe file (but my host is Linux) and a bunch of other files in CMSMS directories:
html/.smart/
html/includes.php
html/modules/FileManager/postlet/.npe
html/modules/FileManager/postlet/.ssh/
They cannot say when the content got uploaded, or via what mechanism.
So, my real question is how can I do a completely clean installation which then duplicates my existing site? I want to zap all files and only put back those which must be there... I can then use the Validation routines to ensure I start with a clean site. I did a mysql backup and clean install on another system, but the mysql had problems (Â characters instead of unicode) and I really don't want to have to clean all that up! Does anyone have a step-by-step how-to of backup and restore, possibly to a mysql server with different default settings?
TIA
Smotsie