We just restored backup... now, entire /public_html folder is deleted again. In short, am fighting against an intruder and do need help to find the gap where he goes in.
The most shocking situation above all, intruder is also able using my local ip which allows him to login to our application! See attached screenshot
It feels strange to see this link...
Have dedicated server, dedicated ip also purchased ssl certificate and of course csf installed. What else more can I do to STOP such attack?