IP adres hacker in log files?

  • Hello!

    My website was hacked this sunday. Somebody deleted my main admin account and replaced the other one with his own. In cPanel I could fix this. He deleted all the pages. luckily for me, he did not empty the trash. So the website is fine again. But I got the email he used and it is a dutch one. I suspect someone in special. I would really like to get this motherf*cker! Do you know anyway I could find is IP adres in the log files? He logged in changed the users and changed the pages so you would think those actions leave some traces in a log file.

    Thanks in advance!
    Floris

Viewing 4 replies - 1 through 4 (of 4 total)

  • It is Too bad to hear that. You can get Ip from your Cpanel Visitors / Metrics. But, It depends on your Hosting. In my Hosting, I have That option. You can Go for Hosting support. In the log file, you can find it.

    Just Remember that, An ethical hacker Won’t use his original IP.

    You can probably find his IP in the access logs. However, this depends on your host log rotation policies. If the log files from Sunday were compressed and archived, you wouldn’t be able to find it. A solution would be to contact your hosting provider and ask them to look into the Sunday logs for you.

    Please keep in mind that often attackers use proxy servers so even if you find the IP there’s a chance that’s not his real IP address.

    Hope you find him! ??

    • This reply was modified 8 years, 1 month ago by georged8.

    Jeff Starr addresses this issue well, I think, in this article https://perishablepress.com/what-to-do-when-your-site-gets-hacked/

    Do not retaliate
    After discovering that hacker forum thread discussing how the greasy scumbags hacked my site, I was livid. I wanted revenge. I wanted to “get even”. But even in my rage I knew better than to stir up the hornets nest. Taking any form of direct action against the perpetrators ultimately would have backfired. Seriously, we’re talking about people who spend their lives exploiting vulnerabilities. Of course, not all hackers are bad guys, but you definitely don’t want to pick a fight with an army of people who share that “hacker” mentality. No matter how upset or justified you might be, you’re better off just letting it go. Clean up the hack, secure your site, and move on with your life. My advice.

    Thread Starter florispriester

    (@florispriester)

    Thanks for the support guys!

    The only reason I would like to know to IP is because I suspect the guy who built my old website, things ended a bit rough you could say. It would be just to know for sure if it was him (probably was because he had some of my passwords). I know it doesn’t make sense to try and find a random hacker, that wasn’t the plan. I’ll keep you posted!

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘IP adres hacker in log files?’ is closed to new replies.

Tags