SSL Cert may be causing redirection and DNS issues

This is the scenario.

Site running on a Linux instance was attacked and so it was compromised really badly.

  • started a new instance
  • restored site from a backup prior to attack
  • new instance is working fine
  • old instance was turned off and decommissioned

When going live with new site though - I updated SSL cert on new instance and updated DNS but there's a redirection from new IP to the old one - output 1.

Started a new and different instance and completed another restore from backup (before the attack) with no problem - I have not updated SSL cert but updated DNS and now there's no redirection but DNS is not working - I can only get to the site via IP and when going by the actual domain I get a warning from browser saying "this connection is not private", that website may be impersonating my domain to steal info - output 2.

This is driving me nuts - there's either a redirection (on output 1), and also DNS not working even though propagation on the Internet completes successfully (on option 2). What needs to be done when servers are replaced but SSL certs issued by Let's Encrypt are still active and valid? When and how is an SSL cert updated on the new server? Anything that I should've done on the attacked server before decommissioning it? There's something that I am missing as I have not come across an attack and so the need to replace servers but your input will be appreciated.

Thanks.

3 Likes

Hi @cguanaja, and welcome to the LE community forum.

I can't see/find the mentioned "output 1" and "output 2" in your post.
[without which my understanding of the problem is limited]

This is confusing:

[and should be fixed before making any changes]

Nothing.
A full restore should just work.

When: [normally] 30 days before the cert expires.
How: Using the ACME client that obtained the cert.

Understand how it failed, so that you can harden the new server against such attacks.

I would begin at the beginning...
Does the new server have an ACME client?
Does the new server have a valid cert?

2 Likes

@rg305

You wanna merge this topic with its brother?

1 Like

If only I knew how...
[ I must have been out on that training day ]

@discobot How can I merge two TOPICS?
[LOL]

2 Likes

Hi! To find out what I can do, say @discobot display help.

2 Likes

Your mighty Leader powers should allow it. As I am not yet a mighty Leader, I do not know how. :man_shrugging:

@JimPas could certainly tell us though.

2 Likes

See my reply to @Rip in our PM. :wink:

3 Likes
