Author Topic: Website recently hacked for Haintai  (Read 14701 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Website recently hacked for Haintai
« on: January 15, 2019, 07:47:40 AM »
our cetos webpanel is hacked i could not able to figure it out from where they hacked i was running updated version of cwpPro

Hacker changed all accounts and email  passwords as well as they were able to change my root password too is there any serious security update released ?

Offline
*
Re: Website recently hacked for Haintai
« Reply #1 on: January 15, 2019, 08:16:14 AM »
you should contact your experienced server admin to check the logs or cwp support
VPS & Dedicated server provider with included FREE Managed support for CWP.
http://www.studio4host.com/

*** Don't allow that your server or website is down, choose hosting provider with included expert managed support for your CWP.

Offline
*
Re: Website recently hacked for Haintai
« Reply #2 on: January 15, 2019, 08:55:39 AM »
yes i am personally looking at it. I just want to know if there is any broken script or something that being faced by other cwp users as well

thanks

Offline
*
Re: Website recently hacked for Haintai
« Reply #3 on: January 15, 2019, 09:16:59 AM »
nop, that anything was reported it would be already fixed, you need to check the logs and see where it was the issue, mostly server hack occurs if you use ssh at port 22 and week password.
VPS & Dedicated server provider with included FREE Managed support for CWP.
http://www.studio4host.com/

*** Don't allow that your server or website is down, choose hosting provider with included expert managed support for your CWP.

Offline
*
Re: Website recently hacked for Haintai
« Reply #4 on: January 15, 2019, 09:35:45 AM »
I am not using port 22 any other suggestion to keep it secure

I am using firewall,spam , iptable,  maddate scan, userlogin security etc.


Offline
***
Re: Website recently hacked for Haintai
« Reply #5 on: January 16, 2019, 01:15:03 AM »
What scares me is just figuring out how a person can administer a server without SSH. As him/her patrols the logs and the boundaries of your server, how install their programs. how it monitors its load, how it checks the queue for E-mails, how it checks your firewall, how well it knows the harassment your server receives, all without SSH. Without SSH is not possible to do a realistic administration of the server. You can not manage a server with the panel alone. The dashboard is just a facility, primarily for customers, not for the administrator. For the administrator there are numerous tasks that are much better fulfilled through SSH, some of them are unique. So for me the server was hacked just because there is no one monitoring the server via SSH. The security of a server is like a chain: it is as strong as its weakest link. Install a postknocking to make your port 22 more secure, but be sure to use SSH.