VPS that I use on hacked by people who are not responsible. All my website to be down, inaccessible for several days, and during that, I fix and does not succeed. What am I doing? of course, makes backup and transfer them to the dropbox. Where, dropbox is a safe place to store the backup file. Save the data is the best move, if not then you have to start everything from the beginning. Your business will go back to the beginning when standing.
Data is secure, but the website can not be accessed. What happened. Began investigating permissions and backdoor that has been laid by hackers. Zero, not detected at all. Thus, the possibility of hackers do not leave backdor.
Move to another server
This is the first step to revive the website. Purchase a new server and install all the sites there. This job took two days, so that the site can be accessed normally.
And finally, the site can be accessed normally.
I’m still looking for the cause of why my web can collapse, even a hacker successfully entered into the database then replace the active database with their database. Shit.
Then, I read on the internet, that plugins are out of date are likely to be used by hackers / crackers to illegally enter the server.
And the culprit is: All-in-One SEO pack plugin wp. I rarely update the plugin, and the result is fatal. All-in-One SEO pack plugin wp version 18.104.22.168 has bugs that could be used by hackers to attack servers, whether attacks are executed.
Finally, I started to update all plugins, themes and wordpress core.