Hi Ladies and Gents,
An old static HTML site just got hacked. After cleanup, how can I lock it down with Cloudflare? It’s 100% static html and images, nothing else.
Wow! If it got hacked…I’d suspect a vulnerability (or a compromised password) at your host. But Cloudflare can certainly help make your site run nicer, and even provide some great protection. You should also check if you can disable PHP on your host for that domain.
In addition to the built-in firewall, maybe a custom Firewall Rule would help (Just my theory, and I hope somebody can provide some feedback).
Match: Request Method eq PUT or Request Method eq POST, then Block.
1 Like
Two great ideas within minutes of me posting. Will work on that now! Thank you, sir.
1 Like
Hacked means?
I got an email from Sophos saying there’s phishing detected and Yandex has blacklisted it. Ran a sucuri scan on the URL they detected and nothing. I do see a new folder on the domain from yesterday. Deleted that, changed password, turned off PHP, set new firewall rule per sdayman and set security to High.
Anything else to do?
All of these are very random actions without know what actually happened. Someone might even have server access. Is that shared hosting or a dedicated server? Who manages it? Depending on your level of concern you would need to do some forensics.
It’s a VPS and I manage it. Ran sucuri scan on other sites; all WordPress and all clean. Surely it was just random js injection?
It does not really matter if they managed to upload a JavaScript or a binary, nobody should be able to upload files outside of designated areas. And they might not even have uploaded it via HTTP but might have direct access. You should definitely analyse that and possibly even consider setting up that machine from scratch. That might seem exaggerated but, unless you can rule out any other modifications, that machine might be compromised for good now.
1 Like
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.