At this time we have filtered your Linode's network connection and you will no longer be able to connect via SSH. In order to connect to your Linode and investigate this issue you will need to use LISH following the guide at https://www.linode.com/docs/networking/using-the-linode-shell-lish.
Please update this ticket as soon as possible to regain normal connectivity.
Regards,
Soh
我的回复:
1 hour ago
I im sorry that my website has been attacked and redirected to a phishing page by a hacker. I have checked my Linode VPS carefully and found the reason is a CMS bug, so I deleted all the files in the website. The problem has been resolved, and I will be more careful, so would you recovery my Linode's network connection.THANK YOU.
LINODE回复:
Hello,
Thank you or the update. We would be grateful if you could tell us what you have done to prevent this issue from occurring in the future. Would you be amenable to implementing some or all of the security recommendations in the following supportive documentation?:
Please let us know if you have any additional questions or concerns, we are happy to assist you.
Regards,
Joel
我的回复:
Thank you for your suggestion, I have read the supportive documentation, and have done some of it, including adding a new user, and I will backup my files first and do more according to the document. This time, the main reason for the issue is a CMS bug, so I will check more carefully to prevent this issue in the future. So, would you recovery my Linode's network connection? Thank you.
LINODE回复:
Hello,
I have removed the network filter preventing you from accessing the Linode. If you could please update us again when you have finished your investigation and resolved the issue, we would be grateful.
Thanks in advance.
Regards,
Jack Stitt
我的回复:
Thank you so much, the issue is resolved, please close the ticket. Thank you.
LINODE表示要继续跟踪不能关闭ticket:
Hello,
I am just following up with you to check the current status of your Linode's network activity. We would like to know the specific steps that you have taken to remove the source of this activity. We cannot consider this case closed until we have been well informed of these changes. Do you have any response to provide concerning this issue?
Please reach back out to us at your earliest convenience.
The file that was exploited was from my "博客程序" script, the hacker had taken advantage of our outdated script and performed sql injections, I have taken action to update the script from the official website to its latest version. Furthermore, I had set the script to auto update to its newest version to prevent anything like this from happening in the future. I do apologize for the damage that we've caused, we'll take more preventative caution in the future.
Thank you for your understanding.作者: COOCOO 时间: 2015-6-27 15:57