1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

plz plz plz help me

Discussion in 'Blogging' started by dabeast, Jun 18, 2011.

  1. dabeast

    dabeast Power Member

    Joined:
    Jun 12, 2011
    Messages:
    510
    Likes Received:
    206
    Location:
    in the heart of my loved ones
    i had a 5 min downtime in morning.so support staff filed a ticket.however siet was again up even before ticket was replied.. (hostgator)

    after 3-4 hours i got message for the ticket

    I regret to inform you that the server listed above has been rooted. This means that a malicious user has managed to gain root (administrator) access to the server. Such users frequently change critical system programs. Because of this, we always recommend that the server be OS reloaded. This means that the hard drive will be completely erased and a new (and updated) copy of the operating system (the OS) will be installed. This eliminates the chance that any exploited files or programs will be left on the server.

    Because this involves completely erasing the hard drive, it is critical that backups exist before we take this step. If you do not have recent backups but do have files that you need on the server, than backups will need to be created. If you use the backup features provided by cpanel and WHM to create backups - even after the server has been rooted - they can be used to restore data without compromising the box. Specific accounts can still contain exploits, but we will scan them as part of the restore process.

    It is vital that you notify us where your backups are stored before we proceed with the OS reload. Failure to notify us of the location of the backups may result in them being deleted.

    After we reload a server, we will secure it. This involves installing the following software (that may or may not have been on your server previously, depending on when it was first obtained):
    * firewall and brute force protection
    * SuExec and PHPSuExec for apache
    * mod_sec for apache (these rules do require periodic maintenance)

    I have attached a log containing details about the rootkits installed on your server.

    If you have any questions about any of this, please don't hesitate to ask. Please respond to this message as soon as you receive it - a rooted server is vulnerable to malicious users that engage in activities that frequently result in blacklisting and data loss.

    can anyoen please help me ? i use hostgator vps :(
     
    • Thanks Thanks x 1
  2. jdog37

    jdog37 Power Member

    Joined:
    Apr 3, 2009
    Messages:
    510
    Likes Received:
    569
    Occupation:
    unemployed electrician
    Location:
    virginia
    Why not call hostgator support and work it out with them over the phone. They can view your shit and work miracles compared to the advice you might get here.
     
  3. new movies

    new movies BANNED BANNED

    Joined:
    Dec 26, 2010
    Messages:
    782
    Likes Received:
    145
    First of all make a complete full backup of your website by logging into cpanel and clicking backups,then connect the filezilla(your ftp software) and download the backup to your computer.Transfer it to your pendrive or cd or keep it at any secure place.
    Reinstall your windows OR download kasperky antivirus and scan the whole system with virus definition updated.
    Also change all the password of your email as well as cpanel.
    Last say to hostgator support that all things are safe and please donot suspend my website.
    Thats it.
     
    • Thanks Thanks x 1
  4. S&TDSFG

    S&TDSFG Regular Member

    Joined:
    Oct 5, 2009
    Messages:
    291
    Likes Received:
    74
    Location:
    EX YU
    Yikes, that's one thing you don't want happening. Make sure to do what these two say, they seem to be covering everything. Good luck on getting back on track.
     
    • Thanks Thanks x 1