Data Koncepts

HTML Tutorial - Overview

Data Koncepts

HTML Tutorial - Overview
  • Home Page open submenu
    Data Koncepts'
      Home Page
  • Webmaster open submenu
    Professional
        Webmaster
    Development
        Process
    Small Website
        Fixed Price
        Offer
    Website
        Clients

    FREEBIES:
    Webmaster Security
        (see Security)
    Search For a
        New Host
        Checklist
    Search Engine
        Optimization
        w/mod_rewrite
    mod_rewrite
        Code Generator
    E-Mail
        Encrypter
  • Web Hosting open submenu
    Web Hosting
        Info     & Checklist
    Web Hosting
        Offer
  • Security Updated! open submenu
    Online
        Security
    SuperScan v2New!
        Attack
        Detection
        & Reporting     Hack Recovery
  • Professional Services open submenu
    Professional
        Documents
    Digital
        Imaging
    Screensavers
  • Computers open submenu
      Hardware
      Software
  • Contact open submenu
      Contact
      Terms &
        Conditions
      Sitemap
Website monitor by killerwebstats.com
Freedom Lost! Freedom!

Hack Recovery!

Too many webmasters have been unaware that their website(s) have been hacked and, when they are alerted to that fact, they don't know what to do. This is the advice I have given many times to a webmaster forum:

Recovery Checklist

  1. Immediatly delete all FTP accounts except one (YOUR master for the account).

  2. Change the master password (cPanel and FTP) to a VERY STRONG one using a Strong Password Generator password of sufficient length (11-16 characters including uppercase and lowercase letters, digits and special characters).

  3. Have your host use a "maldet scan" (on an Apache server) which will find and report all forms of malware (viruses, worms and SCRIPTS which can cause problems). This will enable you to find and remove scripts which can be embedded in html, php and js scripts. Repeat the maldet scans until there are no files detected then add a CRON to run maldet scans on a regular basis. Be aware that recovery will primarily consist of DELETING all html, php and js files and replacing them with originals (from your master copies).

    Alternatively, DELETE ALL your files (you will reload later).

  4. Install and use a script (via CRON) to verify that files have remain unchanged (except, of course, changes you have made).

  5. Database: If you are running WordPress or any other "canned app" with database verification for admin accounts, create a new admin and DELETE ALL other admin records.

  6. Upload all your files from your master files (on your computer).

  7. If you are using "canned scripts" (e.g., WP, Zencart, etc.), be sure that they are updated and kept updated in order to prevent further attacks via security problems being constantly identified in those scripts. This includes their third party plug-ins, too!

  8. Handling uploaded files: Be sure to do a thorough check of any file uploaded to your website (I limit uploaded files to images and they are resized (to a new image) by GD (PHP's image handling script) before being saved to my "webspace").

Be Paranoid!
It will save you from all this unnecessary work!
 
  This site designed, created, maintained and copyright © 1995 - 2025 by Data Koncepts.