Originally Posted by tristanlee85
By reinstall you mean the OS, correct?
As for backing up ISPConfig to transfer to a fresh OS installation, would I be best off to create a tarball of my admispconfig/ and www/ directories in the /home/ directory?
Dont you ahve a backup from the time before the hack occured? It would be better to use that.
If not, have a look at this thread:
You will need a backup of /home/ /var/ /root/ispconfig and /etc because you will need the passd, sahdow and group file. And this is the biggets problem as your passwords might be compromised. Also if you put your websies back online without finding the security hole that the hacker had used, you might get hacked again very fast.
So if possible, you start either with a fresh installation of ISPConfig and recreate the accounts and move just the conetnt of the websites and databases or use the data from a backup thatw as made before the hack.