- Go to “/etc/apache2/apache2.conf”
- Change the following code
<Directory /var/www/> Options Indexes FollowSymLinks AllowOverride None Require all granted </Directory>
Change above code as like below. Removed Indexes from first line.
<Directory /var/www/> Options FollowSymLinks AllowOverride None Require all granted </Directory>
Please follow the below video instruction:
-
Restart Apache 2 web server, enter:
# /etc/init.d/apache2 restart
OR
$ sudo /etc/init.d/apache2 restart
OR
$ sudo service apache2 restart
Enable and Disable error log file in Plesk server
I have tried to Disable the error log file creation process through htaccess file using below code. But, its displayed “internal server error” in Plesk server.
php_flag log_errors offSo, updated settings as like below to Disable and Enable the error log in Plesk server.
If you would like to disable logging you may need to add it to the additional apache/nginx configuration found in
“Plesk >> Domains >> Domain in question >> Apache & nginx Settings >> Additional Apache
Directives”
OR, change the error logging in your PHP settings (“Plesk >> Domains >> Domain in
question >> PHP Settings >> error_reporting” ) to reduce what is logged. I have did through this option.
Please find the below image for more information.
Enable and Disable error log in Plesk server 1
Enable and Disable error log in Plesk server 2
Thank you.
Hacked site malware cleaning steps and Securing steps
Please follow the below steps to clean the Hacked and malware code.
- Backup full database and files.
- Change FTP(cpanel) and database password.
NOTE: Once updated the database password, we need to update new password information in config file. For wordpress, wp-config.php is config file. This file located in wordpress root folder. It will change based on CMS and framework which one you have used. Please find below image to update wp-config.php file.
- Scan full site using online tool and security plugins.
We could use Wordfence for wordpress and Scan full site using your local antivirus software with download backup files. Please find the below image to scan the full site using Wordfence.
Online Scan Sites:
https://sitecheck.sucuri.net/
https://www.stopbadware.org/request-review
http://evuln.com/tools/malware-scanner/
4. Search and clean malware code in server files.
Remove all malware code which is you found using Step 3 scan steps.
Also, you could recheck the below files and remove any malware code if exist. You could found malware code very easy. Because, Surely malware code different from default function and code.
1. Index.php files in wordpress root folder and theme.
2. Header.php, footer.php and template files within all Themes which exist in /wp-content/themes/
3. config.php and htaccess file in root folder.
5. Search and clean within database.
Search the code within database using phpMyAdmin or other interface. Search keyword, you could take some part of malware code from scanned result. Remove it from database tables,if you found.
6. Now, surely your site back to live.
7. Also, ask you server support team to scan the full site and do the action based on support team scan result.
8. Finally need to do the below points to make sure to avoid hacking again! Please check other post in below link.
Need to take action in below points once removed the malware code
You will want to take all of the following actions for each account/CMS to get this resolved:
-Examine the indicated files and if necessary, remove the identified files from public_html.
-Update the core CMS installation and all themes, plugins, addons, modules, templates, etc.
-Change the cPanel account password and any FTP account passwords that have access to upload.
-Change the CMS administrator password.
-Change any email account passwords with access to resetting the CMS administrator password.
-Scan any computers with access to the server with anti-virus software and Malwarebytes and Spybot Search&Destroy.
Going forward, you’ll want to make sure that you keep the CMS installations more up-to-date and please let me know if you have any questions.