Compromised - Need rebuild best practice info...

C4talyst

Guest
I've inherited a few Plesk boxes, one of which has 500 domains/sites on it. Today I found this machine has been root-level compromised. I was hoping some of you could enlighten me on best practices for rebuilding / recovering from this.

I'm guessing I'll need to stand up a new machine, harden it and then start migrating clients to it. Any thoughts? Thanks!
 
First of all you will need to find out how they broke in.
Then you will need a backup of all important files, like /var/www/vhosts*, /var/qmail/*, /etc/, /var/lib/mysql (and also create a dump of all databases), /usr/local/psa/.

Then after the backup is done, you need to reinstall the server, install the SAME version of Plesk, and start to restore data.
You can do this manually or automatically, but in any case it will be painful and time consuming.
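
The backup step from the reply above, sketched as an added example that is not part of the original thread: it archives each listed path that exists and records SHA-256 checksums so the copies can be verified after transfer. The function names, the ROOT argument (for a mounted disk or a test tree), the output file names, and the assumption that mysqldump credentials are already configured for the invoking user are all hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. Paths are the ones named in the reply.

# backup_paths ROOT DEST
# Writes one tar.gz per existing path plus SHA256SUMS and missing.txt into DEST.
# Prints the number of archives created. The body runs in a subshell, so
# "exit" only leaves the function and variables do not leak to the caller.
backup_paths() (
    root=${1%/}
    dest=$2
    count=0
    mkdir -p "$dest" || exit 1
    : > "$dest/missing.txt"
    for pattern in 'var/www/vhosts*' var/qmail etc var/lib/mysql usr/local/psa; do
        # $pattern is left unquoted on purpose so the vhosts* glob expands.
        for path in "$root"/$pattern; do
            rel=${path#"$root"/}
            if [ ! -e "$path" ]; then
                # Record what was absent instead of aborting the whole backup.
                printf '/%s\n' "$rel" >> "$dest/missing.txt"
                continue
            fi
            name=$(printf '%s' "$rel" | tr '/' '_')
            # -p keeps permissions; -C stores paths relative to ROOT.
            tar -C "${root:-/}" -czpf "$dest/$name.tar.gz" "$rel" || exit 1
            count=$((count + 1))
        done
    done
    [ "$count" -gt 0 ] || exit 1
    ( cd "$dest" && sha256sum -- *.tar.gz > SHA256SUMS ) || exit 1
    echo "$count"
)

# dump_databases DEST
# Logical dump of every database, in addition to the raw /var/lib/mysql copy.
# Assumes credentials are available to mysqldump (e.g. a client option file).
dump_databases() {
    mysqldump --all-databases --single-transaction --routines --events \
        > "$1/all-databases.sql"
}
```

Run it as root with `backup_paths / /mnt/backup` and then `dump_databases /mnt/backup`; on the receiving side, `sha256sum -c SHA256SUMS` in the destination directory confirms the archives arrived intact.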
 