ISIS hack on my server / droplet

Hi, had an IS Hack on my server. So far it was apparently easy to remove by removing the index.php /.htm /.html files. Anyone with similar experience. I still have no idea how they came in. I’ve checked everything, but found nothing unusual


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

You should back up any needed files, checking them carefully, destroy your droplet and start with a clean one. If you are unable to identify the attack vector it is very likely that the droplet remains open to the attacker.