0

My website is infected with iframe injection and some javascript virus.

There is some JS code which is present in all the files.

Is there any way that i can paste that JS code in a text file and make shell script which matches that pattern and rmoves from the pages

I have vps server centos with cpanel whm

  • The question "my site/server has been hacked/infected" comes up all the time, the answer is always the same: **"Wipe the server, restore from known-good backups"** – Chris S Jun 24 '10 at 12:47
  • See the somewhat related question http://stackoverflow.com/questions/1182756/remove-line-of-text-from-multiple-files-in-linux – Zoredache Jun 28 '10 at 01:22

1 Answers1

1

If the site is infected it would be safer to replace everything from a clean backup - and that includes any databases you might have.

While it probably is possible there's a good chance you'll miss something and not have a fully clean site.

You should also try and work out where the infection came from - probably an insecure ftp account - and close that loophole before proceeding.

ChrisF
  • 1,861
  • 1
  • 21
  • 28
  • the problem is i don't have backup at all , what should i do –  Jun 24 '10 at 13:06
  • is there any scanner available for website which can delete the malaciou code via ftp –  Jun 24 '10 at 13:08