My site just got attacked. Linode temporarily disrupted service and sent a letter to me. The letter is as follows:
We have received a report of malicious activity originating from your Linode. We ask that you investigate this matter as soon as you are able. Once you have completed your investigation, kindly reply to this ticket with the answers to the following questions:
1) What was the source of the issue?
2) What steps did you take to resolve this issue?
3) What steps did you take to prevent this from occurring again?
Being as this activity is in violation of our Terms of Service, we ask that you reply within the next 24 hours. If we do not receive a reply within that time, we may temporarily disrupt service to your Linode in order to prevent further malicious activity.
-------------------------------------------------------------------
I think my Linode is compromised. How can I tell?
-------------------------------------------------------------------
If you believe that your Linode has been compromised, you can start troubleshooting by auditing the following log files and writable directories:
- /var/log/[login to view URL] : Check this log file for signs of unauthorized access and brute-force attempts. Use the ‘last’ command to cross reference recent account logins with this file.
- /tmp : This directory is often used by malicious parties to store files
- Web server logs: There may be a vulnerable script or web application. The location of these log files depends on your web server (apache, nginx, etc.) configuration.
- ps aux : Use this command to audit running processes for foreign processes
....
I want someone who can help me recover the whole website.
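One way to carry out the first check in the list above (brute-force attempts followed by a successful login), as an added example that is not part of the original posting or of Linode's guide. It assumes OpenSSH syslog-style lines; the function names, the threshold and the sample lines are constructed for illustration, and the log path is supplied by the caller.

```sh
#!/bin/sh
# Added example. Assumption: OpenSSH syslog-style lines such as
#   "... sshd[PID]: Failed password for USER from IP port N ssh2"
#   "... sshd[PID]: Accepted METHOD for USER from IP port N ssh2"

# suspicious_logins LOGFILE [THRESHOLD]
# Prints one line per source IP that logged in successfully after at least
# THRESHOLD (default 5) failed password attempts from that same IP.
suspicious_logins() {
    awk -v t="${2:-5}" '
        / sshd\[[0-9]+\]: Failed password for / {
            for (i = 1; i < NF; i++) if ($i == "from") fails[$(i + 1)]++
        }
        / sshd\[[0-9]+\]: Accepted [a-z]+ for / {
            ip = ""; user = ""
            for (i = 1; i < NF; i++) {
                if ($i == "for")  user = $(i + 1)
                if ($i == "from") ip = $(i + 1)
            }
            # Only failures seen before this success are counted.
            if (ip != "" && fails[ip] >= t)
                hit[ip] = ip " failed_before=" fails[ip] " accepted_user=" user
        }
        END { for (ip in hit) print hit[ip] }
    ' "$1" | sort
}

# Constructed sample input (documentation IP ranges, hypothetical host name).
sample_log() {
    cat <<'EOF'
Mar 10 03:12:01 web1 sshd[1201]: Failed password for root from 203.0.113.5 port 40001 ssh2
Mar 10 03:12:03 web1 sshd[1202]: Failed password for root from 203.0.113.5 port 40002 ssh2
Mar 10 03:12:05 web1 sshd[1203]: Failed password for invalid user admin from 203.0.113.5 port 40003 ssh2
Mar 10 03:12:07 web1 sshd[1204]: Failed password for root from 203.0.113.5 port 40004 ssh2
Mar 10 03:12:09 web1 sshd[1205]: Failed password for root from 203.0.113.5 port 40005 ssh2
Mar 10 03:12:11 web1 sshd[1206]: Failed password for root from 203.0.113.5 port 40006 ssh2
Mar 10 03:12:13 web1 sshd[1207]: Accepted password for root from 203.0.113.5 port 40007 ssh2
Mar 10 08:30:00 web1 sshd[1300]: Accepted publickey for deploy from 198.51.100.7 port 50210 ssh2
Mar 10 09:01:10 web1 sshd[1310]: Failed password for root from 192.0.2.9 port 33010 ssh2
Mar 10 09:01:12 web1 sshd[1311]: Failed password for root from 192.0.2.9 port 33011 ssh2
EOF
}

# Run against a real log when a path is given on the command line.
if [ -n "${1:-}" ]; then suspicious_logins "$@"; fi
```

Any IP it reports can then be cross-referenced against the output of `last`, as the checklist suggests.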
I can recover the WordPress website from the Linode server. I will complete this work in 2 days.
Looking forward to your reply to start this work immediately. I will be available online from 2 am GMT to 5 pm GMT as an individual full-time freelancer.
$24 USD in 1 day
22 freelancers are bidding an average of $37 USD for this job
Hi,
I will audit the server,
- collect all malware-affected files,
- scan them properly and remove them.
I will implement all server-side securities so that it will not get attacked again:
CSF Firewall (Best Linux Firewall) - SSL generator - SSL Certificate Manager (quick and easy installation of SSL Certs) - Letsencrypt, Free SSL certificates for all your domains - CloudLinux + CageFS - CSF/LFD BruteForce protection - IP access control - Mod Security + OWASP rules (one click install, easy management) - DoS protection from the Slow-Loris attacks (for Apache) - File System Lock (no more website hacking, all your files are locked from changes) - PHP now shows the script name and path in top or process lists - Apache is limiting number of php processes per user - Automated Backups - Hide system and other user processes - SFTP Security.
I will monitor server after that so that it will not repeat again.
Thank you
Hi, I can recover your WordPress website from malware/malicious files within 2-3 hours max. I have extensive experience working on the security of 2k+ WordPress websites. Thanks
Hello,
I will recover your website and will do all server related tasks.
1) What was the source of the issue?
Ans - Maybe your server is not secure enough, or I can tell the exact issue after auditing the server.
2) What steps did you take to resolve this issue?
Ans - First of all I will audit your server, find loopholes and resolve the issue accordingly.
3) What steps did you take to prevent this from occurring again?
Ans - I will implement server securities to make your server secure from future attacks.
Thank you
I run a web hosting service and have extensive malware cleanup experience, so I can remove the infection, then update and secure the site.
Once I'm done, just keep the site/plugins updated and you will not be re-infected.
Please note that this bid is for site cleanup. If the server's root account has been compromised (I will look), then the server cannot be trusted and the site should be retrieved, and the server wiped and reloaded.
Hello, I have a bachelor of computer science from the Technological Educational Institute of Thessaloniki, Greece. I have worked as a system administrator at one of the biggest companies in Greece for 2+ years.
I would gladly check your server and sort out the problem.
Hello, I can help you find out what happened with your Linode server.
I'm a professional PHP developer / Linux sysadmin with 5+ years of experience.
Always do my job quickly and efficiently.
Regards