cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Go to solution

Somebody inserted new files with code in all of my 50 websites, its hacked, please help

Somebody inserted new files such as dpr.htm, z.php,database.php etc with code in all of my 50 websites . I think its  godaddy's security breach, its hacked, please help

1 ACCEPTED SOLUTION
Super User IV

@jinoxavi 

 

I'm guessing that you are running WordPress and that you are an a cPanel account. I also am guessing that all the sites are on the same server.

 

One of your sites has a vulnerable plugin and as such someone was able to exploit that. Once they did that they were able to compromise all the sites as they are all in the same account (folders don't matter) - typically these scripts search the entire server / account 

 

Other than cleaning up the sites, I would suggest upgrading to a VPS server where you can set up a separate cPanel account for each site and this way if a site gets compromised it's only the one site.

 

Also as part of this I would make sure you've updated all your plugins / themes

I am a GoDaddy End User - Just Like You
Check out my site! | I currently manage over 300 WordPress Websites
* Please note that I offer free advice on this forum. Thank You Info If you would like personalized help, please contact me. Otherwise, please ask your question in the proper forum so the answer can assist EVERYONE in the community and not just you. Thanks! *

Once your issue is resolved,
please be sure to come back and click accept for the solution

Get Better Support on the Community Boards!
Etiquette When Asking for Help from the Community

View solution in original post

1 REPLY 1
Super User IV

@jinoxavi 

 

I'm guessing that you are running WordPress and that you are an a cPanel account. I also am guessing that all the sites are on the same server.

 

One of your sites has a vulnerable plugin and as such someone was able to exploit that. Once they did that they were able to compromise all the sites as they are all in the same account (folders don't matter) - typically these scripts search the entire server / account 

 

Other than cleaning up the sites, I would suggest upgrading to a VPS server where you can set up a separate cPanel account for each site and this way if a site gets compromised it's only the one site.

 

Also as part of this I would make sure you've updated all your plugins / themes

I am a GoDaddy End User - Just Like You
Check out my site! | I currently manage over 300 WordPress Websites
* Please note that I offer free advice on this forum. Thank You Info If you would like personalized help, please contact me. Otherwise, please ask your question in the proper forum so the answer can assist EVERYONE in the community and not just you. Thanks! *

Once your issue is resolved,
please be sure to come back and click accept for the solution

Get Better Support on the Community Boards!
Etiquette When Asking for Help from the Community

View solution in original post