ddili.org is down due to malware infestation

[Vladimir Panteleev]

On Monday, 10 August 2020 at 03:40:33 UTC, Ali Çehreli wrote:
> Luckily, there is no issue with archiving and the content is 
> generated by 'make' and stored on Github anyway. I am trying to 
> convince HostGator that *I know* there is no malware. >:)

Some computer worms search the web for outdated vulnerable 
software, such as forums, and spread by infecting the scripts. 
Then the machine can be used by cybercriminals for nefarious 
activities, such as sending out spam.

Some particularly insidious worms succeed well in hiding 
themselves, e.g. using "rootkits", so they may be difficult to 
detect.

If you would like to keep your current host, I suggest the 
following:

1. Make a complete backup of all your account data (files, 
database...)

2. Completely wipe all your account data

3. Rebuild everything from scratch:

- Rebuild from source and re-upload static content (such as the 
HTML render of your book)

- Reinstall any dynamic software such as the forum, using the 
current latest version

- Carefully restore applicable parts of the database (most worms 
hide in files, but there exist vulnerability classes, such as PHP 
code injection, which would allow them to hide in the database).

4. Present proof that you have done this to your host. This 
should be sufficient for them to restore the account.

It might help to know (and to disclose to your host) the nature 
of the malware itself. If you like, I could have a look (I've had 
to deal with such incursions before), please get in touch.

- Vladimir