0

Just recently we noticed in our website (which was made by a 3rd party before) that the database was compromised. All data was appended by a small html information. What we did is to change all the sql access to parameterized version and change the password to an encrypted one.

But today same thing happened again and our server now is unresponsive (I'm trying to connect using teamviewer). How can I sanitized our server and prevent this from happening again?

Sherry Ann Hernandez
  • 3
  • 1

1 Answers1

2

  1. Take the server offline

  2. Identify the cause of the breach (insecure code, unpatched web server, using FTP instead of SFTP, whatever).

  3. Restore the whole system from a known good backup while offline.

  4. Correct the cause of the breach (updated code, patched server, whatever).

  5. Bring the server back online.

MDMarra
  • 100,183
  • 32
  • 195
  • 326