Changes between Version 1 and Version 2 of fix-compromised-web-site


Ignore:
Timestamp:
Apr 27, 2016, 10:12:34 AM (3 years ago)
Author:
Jamie McClelland
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • fix-compromised-web-site

    v1 v2  
    1919Here are the steps:
    2020
    21  * Remove all content from your web directory and back it up on your own computer or in your home directory. Remember to check for hidden files (like .htaccess files).
    22  * Make a new "holding" directory which will contain your custom code. Copy (from the backup) your settings files (in Drupal - sites/default/settings.php, in WordPress wp-settings.php), your files directory (in Drupal - sites/default/files, in WordPress wp-content/upload), and your custom theme directory. We will work on these files later.
     21 * Back up on your own computer or in your home directory *all* the files and folders in your web directory. Remember to check for hidden files (like .htaccess files).
     22 * Delete everything from your web directory, including hidden files like the .htaccess file. You should have absolutely nothing in your web directory.
     23 * In your home directory or on your own computer, make a new "holding" directory which will contain your custom code. Copy (from the backup) your settings files (in Drupal - sites/default/settings.php, in WordPress wp-settings.php), your files directory (in Drupal - sites/default/files, in WordPress wp-content/upload), and your custom theme directory. We will work on these files later.
    2324 * Change your SFTP user's password via the control panel
    2425 * Change your MySQL password via the control panel (and then update your settings file that you copied into your "holding" directory with the new value)
    2526 * Download a clean copy of your content management system (WordPress, Druapl, etc) to your web directory.
    26  * Download a clean copy of all of your third party modules or plugins to your web directory.
     27 * Download a clean copy of all of your third party modules or plugins to your web directory. DO NOT copy them  from your backup.
    2728 * Now, we work on your "holding directory":
    2829  * Start with your settings file - compare the file with the sample file provided when you download your content management system. Check for lines that are really long (more than 72 characters) and that have long chunks of what seem like gibberish code). If you are satisfied that it is clean, put it into your web directory.