Drupal Sites got Hacked - Help with some SSH commands please


#1

Hey guys,

A couple of my drupal sites were not fully updated and were hacked (big lesson learned). The hack created several extra .php files throughout the site and also inserted a snippet of code through some of the other already existing .php files.

I found this site explaining how to remove the added files as well as how to remove the extra code in the existing php files. I know this is only a temporary solution until I update all the software again and make sure any exploits are patched.

The only thing is i’m not very familiar with SSH or Putty, so I’m a little lost here.

Is there anyway I can run these two commands specifically for the effected sites only rather than every single site hosted under my account?

and

How can I run these commands specifically for the effected sites? Any help would be greatly appreciated!

Definitely a big lesson learned on keeping software up to date. Thanks in advance for your help.