Forum Moderators: phranque
My hosting company takes backups from my database and hosted files and every time I make a mistake and cant fix it I upload the back up and the site's back to normal but obviously the new content vanishes away.
So I was wondering IF my site every gets hacked or a virus, does uploading a backup fix everything?
It is likely to be an old off the shelf script you installed causing the problem.
Another thing to consider, do you know how they got in? Perhaps they hacked your root password, or another system password. Did you change all your passwords? If not, they may still be on your system right now.
We had a hacker brute force their way into our site last year. They spent about 4-5 months guessing passwords coming in from alternating IP addresses... At the time we had left the small door open they were trying to exploit so we could also remote access our server... We got lucky and saw their break-in as it happened (by luck)... Even so, we ended up getting a new server completely and migrating our application files and database files over from a backup before the intrusion.
We also made sure that small door is now closed, and we came up with a new solution for allowing remote access to our server.
Moral of the story, if they got root access, you may never know what they did, or what back doors they installed. If this is your bread and butter, you may want to consider having a completely new server setup with the lastest OS and patches, and restore your DB and app files from before the hack... or a local copy if you have one.
It may be the best way to ensure you are clean.
I am using Drupal as my CMS and every once in a while I get a security warning that your Drupal must be updated and ...etc that made me wonder if I was able to simply restore in case I do get hacked.
