Janicek.com was hacked sometime in the very early morning yesterday. Janicek.com has been hacked a few times in its years. In the past, I would contact Dreamhost‘s technical support and say, “My site was hacked. Can you fix it for me?” And they would.
This time I wrote and said, “Hey, my site was hacked. How do I fix it?”
Dreamhost takes full backup “snapshots” of your data twice hourly, twice daily and twice weekly. How’s that for getting your money’s worth?
So if you’re website is hosted by Dreamhost and you get hacked:
Telnet into your account
Windows: Start>Run> “telnet www.yourdomain.com” (without quotes)
Login will be the same as your FTP username and password
Or you can use PuTTy
OS X: Terminal
Here are Dreamhost’s instructions…
Steps for restoring data on your own :
1. cd into the hidden directory named .snapshot (it will not show up in any directory listing at all, but it’s there)
2. Choose how far back you would like to go ( hourly.0 is one hour ago, hourly.1 is two hours ago, nightly.0 is one day ago, nightly.1 is two days ago, weekly.0 it one week ago, weekly.1 is two weeks ago )
3. Copy the restored file to where you want it (using the unix cp command). You’re done!
I had to reacquaint myself with the Unix command line…
cd .snapshot (note “.”)
cd nightly.1 (or however far back you need to go)
ls (to see your data files)
cp index.html /home/.server/user/domain.com/folder