Your Solution to a Hacked cPanel Server

Under the circumstances that a single, or multiple, or all of the accounts existing on the cPanel server have been hacked, JetBackup can be used for restoration of the said accounts to a specific date, using the “Multiple Accounts Restore” feature of JetBackup.

Security and Privacy: The Two Pillars of a Digital Enterprise

The domain or website needs to be absolutely secure as it deals with private and classified business information, the breach of which may result in grave and far reaching consequences. This would amount to loss of credibility and faith on the part of both the Domain owner and the visitors. Thus, taking of Back-up at regular time intervals is a quintessential responsibility on the part of the Domain owner. This exercise can be done using the “Multiple Accounts Restore” feature of cPanel .

The feature allows the user to restore the accounts from the backup archives stored by the system under the backup directories.
Restoration of Multiple Account Backups

• For this feature to work, Account Backups must be enabled in WHM’s Backup Configuration.
To do this, go to (Home –> Backup –> Backup Configuration).
• The following command needs to be run, in order to symlink all backups of the account to the ‘backup/cpback/daily/’ directory:

RESTORE_FROM_DATE=”YYYY-MM-DD”; if [!-d ‘backup/cpback/daily/’]; then mkdir -p backup/cpback/daily/; fi; forCP_BACKUP in
$(find/backup/”$RESTORE_FROM_DATE”/accounts/ -type f); do CP_ACC=$CP_BACKUP” Iawk –F/ ‘(print $5); In –sv “$CP_BACKUP”
“/backup/cpbackup/daily/$CP_ACC”; done

• To remove all the symlinks created after the backups are restored, the following command needs to be run:

find/backup/cpbackup/daily/ -type I -delete

• The following steps need to be executed in order to append all cPanel Backup Accounts to the Backup Restoration Queue:-

1. All Backups can be restored using the legacy restore Multiple Account feature.
2. Running this command will cause available account packages to be appended to the ‘Backup Restoration’ queue, with check on all options except ‘dedicatedip’:-

RESTORE_FROM_DATE=”YYYY—MM-DD”, BACKUP_TYPE=”daily; if│[$BACKUP_TYPE=”daily│ ]; then BACKUP_BASE=”/backup/$RESTORE_FROM DATE/
accounts/”; else│ BACKUP_BASE=”/backup/BACKUP_TYPE/”$RESTORE_FROM DATE/ accounts/”; fi; for│CP_ACC in $(find “$BACKUP_BASE”│-type f –
name ’*.tar.gz’│awk –F/ ‘{print $5}’│sed’s/.tar.gz//g’); do│/user/local/cpanel/bin/backup_restore _manager adduser = “$CP_ACC”
│restore_point=”$RESTORE_FROM_DATE”│mail_config =1│mysql =1│subdomains=1; done

Special Note:
• Where there is ‘YYYY-MM-DD’ mentioned, replace that with the date to which you wish to restore the account to.
• The desired frequency of back up can be obtained by changing the part where “weekly” is mentioned, to daily, monthly, etc.

Glossary of Terms
• -D, –data passing of data to a selected page and viewing.
• -f, –force no action prompt and to force commands.

Using JetBackup has never been this easy. Just a few clicks and you could harness the infinite number of features that JetBackup has to offer. Another important tool that could help you secure your domain against hacking threats is the Imunify 360. An automated security solution, powered by AI, from the makers of CloudLinux, the package collects and processes a massive amount of information about new attacks from servers all over the world. It analyzes the web traffic that hits your servers, understands all security threats, and uses powerful AI technology to dynamically update its rules and prevent malicious attacks that could cause harm. Feel free to read more at: https://www.buycpanel.com/addons/imunify360/