I set up a website for a friend 10 or so years ago and it’s recently been hijacked. Someone gained access somehow, changed the email and password to cpanel, changed the nameservers to point to cloudflare servers and made a bunch of changes to the layout and website content.
I contacted my hosting co and they said they could restore it to a previous backup, but they said I need to run a scan and fix via sitelock or another co first. Bought membership to sitelock and gave them user/pass to cpanel directly through my hosting (rather than through the site, which doesn’t work) but they keep saying the website files aren’t there and the ns are pointed to cloudflare so they can’t access them.
So, I called hosting co again and explained, they said they couldn’t change the ns because they’re going through cloudflare, and suggested I contact cloudflare to have them change them.
Obviously, I don’t have cloudflare, so I could only get through to an entry level support tech. All they could do was forward my inquiry, which has been over a week ago now.
I’m stuck and not sure what to do now. Been out of the game a long time and not up with the times at all.
Any help would be so much appreciated. Just a finger pointing in the right direction would be great. Thanks!