First thing to do in these cases is to calm down and read this post from beginning to end, not only just read the part that most interests you or the part that you “think” that will solve your problem, but you must first understand how to identify the type of invasion because of which your site has suffered and finally work to solve and prevent this problem from occurring again in the future.
Logically there are other ways because of which a malicious user with sufficient knowledge in web programming and hosting invade your web site (regardless of platform and hosting used), such as invasion through folders with permissions 777, but everything is a matter of lack of attention or even failure of security by the user or developer.
Malicious codes are usually hidden within random PHP files, because of which your website has security flaws where the malicious user can invade at any time because of which he gets access to your database and FTP files, most malicious codes are encrypted by the eval () function, this helps them in finding the loop holes. Just because most web sites have a proper or secure open system (open source), does not use encryption in PHP code. Many users of CMS systems such as Joomla, WordPress and others are the main victims of this type of invasion, because these CMS systems are free and widely used by Most developers or administrators of web sites, then malicious users distribute their malicious code usually using templates, modules and plug-ins for the other users to download on the internet.
Many users and administrators who have hacked web sites (invaded) by malicious code, ask themselves, “But I use this platform for years and never had this problem before, why only now?” Or also have the question: “I have several web sites with the same files and the same system, why only a particular site has been hacked and the other not?”. The answer to these two most frequently asked questions is very simple, everything works perfectly until the problem occurs, be it invasion or other ie, nothing works forever, therefore, to use a system that has malicious code you are vulnerable to being hacked and this invasion may occur at any time, or may also be that ever occurring. The malicious users generally use search engines like Google to find what type of website vulnerability is this, they have their own ways of finding the vulnerability, ie, every site that has malicious code and are registered in search engines, are easily found by the invaders and become easy targets, then we can understand why some websites are hacked and not others, even using the same files allegedly containing malicious code, sites that have better placement in search engines are the first to be invaded, some intrusions are made silently just to steal important data and no damage is caused to the web site system, besides being other invasions to steal the data end up damaging the system of web site and purposely leaving a message to the administrator.
Simple… If you have a web site developed in Joomla, Word Press or even other ready CMS platforms or BLOG, the first steps to identify the type of invasion are:
1. Before taking any hasty concussion that could harm the data that remain on web site, make a BACKUP of the database and also all your FTP files that are on the hacked site.
2. After performing BACKUP, you need to keep your site online and keep the attacker (malicious user) continue to have access to your files and database, regardless of the type of intrusion that your site is experiencing, first check with a qualified professional in the field of viruses and trojans to do a scan on your computer in order to find viruses or trojans, then change all your passwords, including cPanel, database where your site is configured, FTP passwords and mainly the password for all administrators who have access to the site because of no use you make all the changes of passwords and forget the passwords of the site administrators, that surely the malicious user (attacker) already has, and if not changed facilitated invasion of a new site.
3. Now you need to change the address of the public_html folder which is located inside the main folder of your FTP: public_html_website_data, example: suppose I have ESDS Hosting and cPanel is my login: login:
Then I will change the folder / login / public_html to / login / public_html_old
That is done, all attempting to access my site will not be able to access the site(is unavailable), due to the default HTTP system folder was changed, as our goal was to leave the files on the site unavailable to prevent further damage until the type of invasion is identified and proper solution outlet, go to the next step.
4. As yet we do not know what kind of website suffered invasion and also already have some knowledge about the types of intrusions and malicious code are what we will now start looking for these codes, it is not an easy task, because they can be hidden inside any PHP script of your website, first start looking for any PHP script that is not part of your site if your site is on a ready CMS platform like Joomla, WordPress and others, this task becomes easier, just download the original CMS of the same version from official website and compare any php file that is not part of the system, if there are any suspicious file, open it with any text editor and make sure it contains encrypted codes of type eval (anything) or even any other type of encryption, if any function of type eval (), we note that the invasion occurred on your site due to your PHP files in hidden malicious code, but do not think just remove this file and your problem will be solved, besides looking for PHP files that are not part of the system, you need to look inside each file for malicious code, which poses lie hidden in the script, in which there are usually encrypted type of eval (), if you see that your PHP files have improper or malicious files that are not part of your website system, then we can say that the security hole that allowed this invasion occurred on that account.
If you find no malicious code in your PHP files, so everything indicates that the invasion occurred for other reasons, maybe easy password, or maybe your computer was infected by this virus, trojans or even can be a security flaw in your own web site, in which case we recommend contacting a professional in the area of web security, or you can take help of support team by opening a call through the central customer service requesting an aid to our developers and security experts, we put our professionals at your disposal to help you solve any problem, especially when it comes to security flaws, always treat these problems with high priority and you can account with us whenever needed.
To solve the problem you have two options, first would remove all files from your FTP of a web site and do a fresh install of the system used on your web site using system files downloaded from the official website of the developer and not third-party sites, and especially avoid using modules, templates and unknown plug-ins that are not downloaded from the official website, or, before using any third-party code or script to check for hidden malicious code in PHP files before sending to accommodation, following the four steps of verification and identification that you read this post earlier, the second alternative would remove all malicious code that may be hidden in the PHP files and check which file was corrupted and reset again, always using source code directly downloaded from the official website regardless of their platform.
First you need to watch out what hosting provider will host your site, do not analyze prices and costs, analyze the quality and safety that the provider offers.
ESDS has several features to prevent this type of invasion, most of our servers by default has additional security that prevents the execution of malicious code in your PHP scripts, you will hardly find this type of protection in other hosting providers, so just for the simple fact that most malicious code can not be executed On the ESDS servers, this is a big step in preventing invasions by malicious code, but even then you have to take some safety measures and prevention. Below you can find some tips and observations that will help you guard against any kind of invasion:
After identifying the type of intrusion your site has suffered, make arrangements to resolve the security flaw and prevent new invasions occur, you can change the name to the correct public_html_old public_html folder again, making your site back up and running for netizens again.
These are the basic tips for identifying and resolving an invasion by malicious code, hope this post has helped you, but if not, feel free to ask for assistance to technical support.
You can also use our MTvScan – Malware, Trojan, Vulnerability Scanner for Hassle free Vulnerability Removal.
In previous article we have seen various methods of connecting to and starting and shutting down pluggable databases. This article focuses on steps to unplug the database from container database and then plugging it back to same or another container. Here I have demonstrated the method using command prompt, whereas you can also manage the plugging and unplugging through Database Configuration Assistance (DBCA).
Before unplugging database make sure you are connected to appropriate database and close the pluggable database.
Here, it is important to understand that when we unplug the database, some repository needs to crated that will provide the metadata about the database when we wish to plug the same database back to container database. The statement you see in following screen shot to unplug the database generates xml file. This xml file stores the information about name, full paths of tablespaces and datafiles.
In our scenario, we are plugging back the unplugged database to the same container database. But in case where you need to unplugged database to another container database, it is always essential to verify the compatibility of pluggable database with container database. The verification can be done with Oracle Package and Stored Procedure.
”DB_PDB.CHECK_PLUG_COMPATIBILITY”. This can be simply verified using PL/SQL code written below:
As we seen, the output results that unplugged database is compatible we can proceed further plugging it. Here the xml file will be used generated while unplugging database, for creation and plugging the database.
Once pluggable database is created and plugged, you can see that newly created database is in mount state.
Shift to pluggable database and open it.
Here we are done with unplugging and plugging databases. To see the logs of complete process from unplugging database to plugging it back again, you can refer to alert log file. This will help you clearly understand the internals of plugging and unplugging databases.
That’s all with basics of multi-tenant database, we have seen so far with the series of articles from introduction to this point. Next we shall go through the multi-tenant database with Oracle other technologies like Data Guard.
In previous article we saw the process for creating Container and Pluggable Databases using Database Configuration Assistance (DBCA). There are difference in connecting to pluggable database as compared to those of container database and databases in previous releases. Also the way we need startup and shutdown the pluggable database.
It is really surprising and interesting to know, when we start the container database, all the pluggable database within are automatically mounted. There is no special mechanism to start pluggable database when we start the container database. We can manage the pluggable database in two ways:
Connecting to Container Database
We created the container database named CBD.
To check the services under container database, and information of which pluggable database it holds, you can use the dictionary view V$SERVICES
To get the details of all the services, you can use “lsnrctl” utility
You can get the details of current container with 2 methods as show:
You can switch to container inside container simply with “Alter Session Set” Command as:
Connecting to pluggable database
You can connect to pluggable database using “tnsname” or direct connect using service name. Connect to database and make sure that you are connected to appropriate database as:
Start up and Shut Down Pluggable database.
Startup and Shutdown process is simple as that of databases of previous releases. There is difference in managing pluggable database. When connected to container database, you can use “Alter Pluggable database” statements to manage the database. Some examples of the same are given below.
Following are possible options to perform startup operations on pluggable database:
ALTER PLUGGABLE DATABASE <pdb_name>OPEN READ WRITE [RESTRICTED] [FORCE];
ALTER PLUGGABLE DATABASE <pdb_name> OPEN READ ONLY [RESTRICTED] [FORCE];
ALTER PLUGGABLE DATABASE <pdb_name> OPEN UPGRADE [RESTRICTED];
ALTER PLUGGABLE DATABASE <pdb_name> CLOSE [IMMEDIATE];
If you have multiple pluggable database, “Alter Pluggable Database” can be used manage one or more database with single command. You need to specify the names of pluggable database as below:
ALTER PLUGGABLE DATABASE <pdb_1_name>,<pdb_2_name> [OPEN]/[CLOSE];
In case your container has few pluggable database and you wish to keep some of them shutdown and start rest you can use “Alter Pluggable database…EXPECT” command, as:
ALTER PLUGGABLE DATABASE ALL EXPECT pdb OPEN;
As said earlier that there is no special mechanism to start pluggable database when we start the container database, but we can achieve that creating the trigger on container database when starts to perform the startup of the pluggable databases automatically within it.
CREATE OR REPLACE TRIGGER openallpluggabledatabases
AFTER STARTUP ON DATABASE
EXECUTE IMMEDIATE ‘ALTER PLUGGABLE DATABASE ALL OPEN’;
This was all about connecting and managing startup/shutdown of pluggable databases. In coming article we shall understand how to view the information/properties of container and pluggable database using data dictionary view or SQL*Plus.
Backup Services are considered as one of the most important services which is very essential now a days. Local backup is always considered to be an easy task the physical media where you are storing the backups, like the DVDs or external disk, may not be very reliable in the long term. The other disadvantage is that local backups don’t always happen in real-time.
Online backup is the perfect solution to many of the business almost to all businesses. These services are cheap and affordable to as it is a secured way to protect one’s data. It is therefore recommended that one must switch to an online backup service – these are inexpensive and will automatically copy one’s computer’s data over the Internet to a more secure off-site location (aka the data center) in near real-time without anyone’s involvement.
Now-a-days all the crucial information one generally stores in the computers. Whether it’s photos and music or business documents and financial records, everything is digital. Digital data is rapidly growing at a rate of 80% each year, and businesses are responsible for maintaining 85% of that information. Data Loss can happen any time any moment in the current time span. There can be different reasons to this like, hard drive crashes, spilled drinks, and accidental file deletion can occur at any time and put your company’s future in jeopardy. In fact, 93% of all companies that suffer significant data loss close down within 5 years!
Traditional backup services can be tedious and time consuming too. These backup solutions can take weeks to implement, leaving your business vulnerable to revenue and productivity loss. Traditional outsourcing models expect you to give out your entire IT infrastructure workload leaving you with no control and conversely, more cause for worry. And very-long-term contracts tend to leave you locked into an outdated business plan. Many backup services offer a limited free plan, often for personal use. Often it is possible to increase the free backup limit through coupons, referrals, or other means that are not included in this column. This column also does not include free trials that are only available for a limited period of time.
The process which involves the backing up of mission critical data is often known as the backup services. Backup is the basic process to protect your data from any harmful effects while duplicating it and restoring after the processing of the applications. The basic purpose of backing up the data is that, Data is generally regarded as a company’s first or second most valuable asset — right on par with people. Equally important with backing up data is the ability to recover that same data and recover it in a timely fashion to keep your business up and running.
In today’s era of IT, its must that every services should be supported by the backup and recovery services as it provides the security and stability of the business enterprises. The most important backup and recovery process involves, such as data backup service security, data backup testing, data deduplication technology and more.
The basic need involves the function of safeguarding the data for the purpose of maintaining the high resource availability. The responsibility of a backup service provider includes many a critical aspects, being in charge of data backup and recovery usually means you’re in charge of two things: backup operations and backup administrations. Daily tasks such as making sure backups completed, ejecting tapes from a library and inserting scratch tapes have traditionally been the responsibilities of backup operators.
There are many similar terms or the activities involved while opting a backup and recovery process, many storage and backup administers often confuse data backup with data archiving. But the two are separate functions and should be treated as such. There are also different types of backup systems involved, like the most common backup types are a full backup, incremental backup and differential backup. Other backup types include synthetic full backups, mirroring, reverse incremental and continuous data protection (CDP).
The backup and recovery systems needs to be maintained regularly in order not to keep the business running. Testing is one of the major criteria to be considered while one is on backup and recovery process. Testing is often the missing link in making backups. Too many companies spend a lot of time backing up their data only to find the backups won’t work when something goes wrong with their data storage.
With the above explanations we can say that the backup and recovery process holds a great importance in the IT world as to have the data secured as well to keep the business running effectively.