Hacked - Injected
Found one of my sites has been injected with Replica Rolex links in a number of the records.
The site has been around for a few years using various WA extensions. CMS Builder, Data Builder and MySQLi
Any details that can help solve, fix and block the hackers or bots from gaining access again?
Here are my current steps:
1) Installed new PHPmyAdmin (latest version).
2) Changed MySQL root password
3) Downloaded compromised database and searched for other records that were compromised.
4) Cleaned up all compromised records
5) Create NEW database and access User account
6) Restore cleaned database to new database
7) Create new Site and start migration of files from current live site.
8) Change passwords for MySQL Connections to new User account
9) Figure out how to make Power CMS reinstall new files on new site..?
This should provide new access points to a clean DB and discard any old access methods.
Anything else I should be doing?