Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

IP Address Hosted on EC2 Hacked, <IP_address>/wp-admin showing Hacker Page, what should i do?

0

As title says, the wordpress website which was hosted on EC2 is hacked. The freelancer which developed the website for us no longer have the backup files. I want to know is AWS able to restore the backup files? Or is there any other ways to solve this or prevent it from happening?

Themen
SpeicherKalkulation
Tags
Sicherung & WiederherstellungAWS DatensicherungAmazon EC2
Sprache
English
Marc Mah
gefragt vor 7 Monaten235 Aufrufe
2 Antworten
0
  1. Stop the EC2 instance ( you can do this from the console. Do not terminate it yet)
  2. Revoke any access keys the instance is using
  3. Take a snapshot of the EBS volume
  4. Terminate the Instance
  5. Create a new volume from the snapshot
  6. Create a new instance
  7. Mount the newly created EBS volume to your new instance and monitor the logs
Dylan Zenner
beantwortet vor 7 Monaten
0

Hello.

Do you have any snapshots of EC2 etc. from before the hack occurred?
If you do not have a snapshot, you cannot restore your data on AWS.

Since wp-admin is easily used for attacks, we usually recommend installing a plugin that changes the URL.
I think you can use a plugin such as WPS Hide Login to change the URL.
https://wordpress.org/plugins/wps-hide-login/

profile picture
EXPERTE
Riku_Kobayashi
beantwortet vor 7 Monaten
profile pictureAWS
EXPERTE
Didier_Durand
überprüft vor 7 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt