Clean & Harden Hacked VPS

Budget: $30 - $250

My VPS has been breached through a brute-force attack. Once the intruders gained access to a single site they pivoted across the whole server; right now one or two of my plumbing- and electrical-service sites are completely down, others redirect visitors to gambling pages, and a few load only partially.

I need the environment thoroughly cleaned and then hardened so the incident cannot repeat itself. The job starts with a full forensic scan of the VPS, removal of every malicious file or backdoor, and restoration of the legitimate code, databases and URLs. From there we move on to security hardening: patching the OS, updating all CMSs and plugins, tightening file permissions, setting up a firewall, Fail2Ban or equivalent brute-force protection, malware monitoring (ClamAV / Maldet / rkhunter), and automated off-site backups. SSH key authentication, disabled root s and strong password policies must be enforced as well.

Deliverables • All affected websites load normally with no malicious redirects • Written summary of the breach, cleaned files and vulnerabilities found • Security configuration in place on the VPS (firewall, intrusion detection, regular backups) • A simple checklist I can follow to keep the server patched going forward

If you prefer specific tools or scripts let me know; I just care that the sites are healthy and the server is locked down for the long term.