Today I got into trouble and I catch this virus https://secure.wphackedhelp.com/blog/remove-wp-vcd-malware-wordpress/
I removed files like in tutorial, scanned with scanners, make firewall, blocked user (from screen) etc and my cpu loads decreased from 100% to 50-80% and thats is still problem.
I got wordpress website hosted on digitalocean. Installed cyberpanel.
In screen u can see someone still ddosing my website he tried to different url. I blocked him.
- blocked range ip, hostname by wordfence plugin(screen below)
- I got recaptcha v3
- Cloudflare and blocked this ip
Before blocking this ip it was 100% load still now is less but still 50+ / 80% . You can see I use command "htop" And we can see still attempting to run index.php by lsphp (litespeed my server for hosting like apache).
I think that these firewalls do not do anything because somewhere there is a script on my server that still uses up the processor, calling index.php and other files. Can you somehow prevent this and find out which file causes it?
Can I somehow determine which one script loads this index.php ? By some command or program in linux?
I removed files like in tutorial, scanned with scanners, make firewall, blocked user (from screen) etc and my cpu loads decreased from 100% to 50-80% and thats is still problem.
I got wordpress website hosted on digitalocean. Installed cyberpanel.
In screen u can see someone still ddosing my website he tried to different url. I blocked him.
- blocked range ip, hostname by wordfence plugin(screen below)
- I got recaptcha v3
- Cloudflare and blocked this ip
Before blocking this ip it was 100% load still now is less but still 50+ / 80% . You can see I use command "htop" And we can see still attempting to run index.php by lsphp (litespeed my server for hosting like apache).
I think that these firewalls do not do anything because somewhere there is a script on my server that still uses up the processor, calling index.php and other files. Can you somehow prevent this and find out which file causes it?
Can I somehow determine which one script loads this index.php ? By some command or program in linux?