ISIS hack on my server / droplet

March 9, 2015 2k views

Hi, had an IS Hack on my server. So far it was apparently easy to remove by removing the index.php /.htm /.html files. Anyone with similar experience. I still have no idea how they came in. I've checked everything, but found nothing unusual

1 Answer

You should back up any needed files, checking them carefully, destroy your droplet and start with a clean one. If you are unable to identify the attack vector it is very likely that the droplet remains open to the attacker.

Have another answer? Share your knowledge.