2 Answers
- Newest
- Most votes
- Most comments
0
- Stop the EC2 instance ( you can do this from the console. Do not terminate it yet)
- Revoke any access keys the instance is using
- Take a snapshot of the EBS volume
- Terminate the Instance
- Create a new volume from the snapshot
- Create a new instance
- Mount the newly created EBS volume to your new instance and monitor the logs
answered 7 months ago
0
Hello.
Do you have any snapshots of EC2 etc. from before the hack occurred?
If you do not have a snapshot, you cannot restore your data on AWS.
Since wp-admin is easily used for attacks, we usually recommend installing a plugin that changes the URL.
I think you can use a plugin such as WPS Hide Login to change the URL.
https://wordpress.org/plugins/wps-hide-login/
Relevant content
- asked 2 years ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated a year ago