Default apache pages modified????
Hi,
I would like to ask you what to do if you think that your ISP config and your system has been hacked.
Which is the first steps to do?
Our sites has been hacked in this way:
At some time (i could not reach yet precisely) all defualt pages of apache are automatically modified.
For instance: index.php, index.html...
Default pages are modified adding an iframe that redirects you to a suspicious antivirus, antimalware or stats webpage.
Is surprising because all default pages are modified with the same TIMESTAMP.
I had checked all my crons, but i didn't see any suspicious... maybe is a bug of ISP config, i don't know.
We have 2.2.32 of ISP config on a Debian 5 64bit machine.
I thank you for you help in advance.
|
English | 
Deutsch
Threaded Mode
Recent comments
10 hours 25 min ago
13 hours 20 min ago
14 hours 34 min ago
15 hours 57 min ago
17 hours 35 min ago
19 hours 4 min ago
20 hours 18 min ago
1 day 12 hours ago
1 day 13 hours ago
1 day 16 hours ago