My dedicated Linux server was hacked a few days ago. Specifically, someone managed to compromise Apache by way of an outdated PHP-based application that a hosting client of mine had installed. The hacker planted a script that tied up the system doing nefarious things such as port scans of other machines. My hosting provider shut down the server, but neglected to tell me what had happened.
After punching a hole through the illiterate frontline support technicians, I finally got through to someone who told me what was up. I was able to clean up the mess and uninstall the vulnerable application. I have also contracted some security experts to harden the machine for me and help prevent this sort of thing from happening again.
I will also be keeping a closer eye on scripts that get installed on the server, making sure they are all patched with the latest updates of everything.
I am glad this wasn’t worse. It could have turned into a defacement or total crippling of the server. Not that I don’t have backups, but it would have been much more time-consuming to fix.
In order to maintain communication with my clients during the downtime, I moved this site to a different server quickly, and took the liberty of setting up the latest version of WordPress, along with a spiffy new theme.