Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Some cavity hacked my VPS last night.
#1
I woke up this morning to find my VPS completely hosed. All my domains go to cPanel's default page. Bebe-pleure

I won't bore you with the emotional breakdown I'm currently experiencing (note to self: onsite backups aren't good enough), but I want a freakin IP address. I'm pretty sure someone took advantage of SSH and did something (I offer web hosting via post-to-host), which log file am I looking for?

Thank you.

EDIT: Thank you, auto-censor system.

Lol, cavity.

EDIT: Maybe it wasn't hacked? What would cause cPanel to completely reset itself? I'm quite pissed right now and can't think straight.
Reply
#2
View server logs asap. I'd actually make a complete backup of all logs and all existing files for local review. There should be login logs and I assume cpanel has logs too. I've never run a cpanel server so not sure what it does in the backend but normal linux runs logs for lots of stuff.
Superman I am here to rescue you.
This is Support Forums not Support PMs.  Do not PM me for support unless it's private and site related.
Reply
#3
Thank you, Omniscient. I think I've got an IP, but I can't figure out which commands were run from said IP, so weather they had malicious intentions has yet to be discovered. I'll keep digging.

Been a stressful week for me, this only adds to it. Omg
Reply
#4
Sorry to hear about this. I would personally find it difficult to understand what is happening.

Post back on developments, it will help you to vent and clear your head as well. Good luck.
Reply
#5
Hopefully they weren't to smart and didn't use a proxy!
Hope it works out for you, that would suck.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  US Cheap Shared and Reseller Hosting | From $2.95/Month | Day and Night Support PlotHost 2 784 02-18-2012, 12:26 AM
Last Post: Crystal

Forum Jump:


Users browsing this thread: 5 Guest(s)