By RodrigoV
There is also heavy POST and GET registries in my log. Specially from an unkown php file called POST_ip_port.php
Any advice would be apreciated.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hello,
I’m really sorry to be the bearer of bad news. Unfortunately it sounds like your webserver was compromised and fell victim to some ransomware. If that is the case, your best bet would be to restore from one of your backups, since you won’t otherwise be able to unencrypt your files without paying the ransom.
Joomla has recently seen several security vulnerabilities and, like every web application, it is important that you keep Joomla up to date in order to prevent it from being compromised. The latest version of Joomla (as of making this post) is 3.4.8, so when you redeploy based on your backup, I highly recommend upgrading Joomla straight away.
Best, Eris Platform Support Specialist
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.