will not display pages from control panel

Discussion regarding Joomla! 3.x security issues.

Moderators: Bernard T, mandville, fcoulter, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
Post Reply
sarmeli
Joomla! Apprentice
Joomla! Apprentice
Posts: 5
Joined: Wed May 30, 2012 3:26 pm

will not display pages from control panel

Post by sarmeli » Tue Oct 20, 2020 3:39 pm

Hello,
I have an active site that is running fine on the front end, however since I upgraded to 3.9.21 I can log into the administrative backend. I see the control panel page but if I try to go to any page - users, articles , global configuration or anything it just gives me a blank page.

I have gone through a few pages of topics but can not find anyone else that is having this issue.
Any helpor suggestions is greatly appreciated.
Last edited by toivo on Tue Oct 20, 2020 5:47 pm, edited 1 time in total.
Reason: mod note: moved from 3.x Administration

User avatar
toivo
Joomla! Master
Joomla! Master
Posts: 12901
Joined: Thu Feb 15, 2007 5:48 am
Location: Zagreb, Croatia

Re: will not display pages from control panel

Post by toivo » Tue Oct 20, 2020 3:47 pm

A blank page is often caused by a PHP fatal error. Which version of Joomla did you upgrade from?

Does the cPanel provided by your host give you access to the PHP error log?

If not, edit the file configuration.php in the main Joomla folder and change the level of error reporting:

Code: Select all

	public $error_reporting = 'maximum';
This setting should get the details of the error to be displayed when you try to access the functions in the back end. Post the message here for advice.
Toivo Talikka, Global Moderator

sarmeli
Joomla! Apprentice
Joomla! Apprentice
Posts: 5
Joined: Wed May 30, 2012 3:26 pm

Re: will not display pages from control panel

Post by sarmeli » Tue Oct 20, 2020 4:46 pm

I upgraded from 3.9.20 to 3.9.21
below is from the error log I have access to - I don't have a specific php error log that I can access
20 10:24:15.874362 2020] [cgi:error] [pid 21152] [client 94.130] AH01228: exec used but not allowed in /home/sarmelic/public_html/404.shtml, referer: http://www.xxxx.com/sflllgf/templates/b ... xoqnrm.php

This is the error I get after changing the config.php file
Fatal error: Cannot redeclare tb1cdaec() (previously declared in /home/sarmelic/public_html/sflllgf/layouts/joomla/toolbar/base.php:1) in /home/sarmelic/public_html/sflllgf/layouts/joomla/toolbar/base.php on line 1

User avatar
toivo
Joomla! Master
Joomla! Master
Posts: 12901
Joined: Thu Feb 15, 2007 5:48 am
Location: Zagreb, Croatia

Re: will not display pages from control panel

Post by toivo » Tue Oct 20, 2020 5:43 pm

sarmeli wrote:
Tue Oct 20, 2020 4:46 pm
20 10:24:15.874362 2020] [cgi:error] [pid 21152] [client 94.130] AH01228: exec used but not allowed in /home/sarmelic/public_html/404.shtml, referer: http://www.xxxx.com/sflllgf/templates/b ... xoqnrm.php
Beez_20 is one of the templates installed in Joomla 2.5. It does not work in Joomla 3.x.

The error messages indicate that the website has been hacked. Go to the 3.x Security forum and read the sticky topics how to clean the website by reconstructing it and how to follow best security practice.

There are also online audit services, for example Phil Taylor's https://mysites.guru, where the first audit is free. Phil can also fix hacked Joomla sites for a set fee.
Toivo Talikka, Global Moderator

sarmeli
Joomla! Apprentice
Joomla! Apprentice
Posts: 5
Joined: Wed May 30, 2012 3:26 pm

Re: will not display pages from control panel

Post by sarmeli » Tue Oct 20, 2020 6:53 pm

Hmm, Thank you. I will read the sticky topics and clean it up.

sarmeli
Joomla! Apprentice
Joomla! Apprentice
Posts: 5
Joined: Wed May 30, 2012 3:26 pm

Re: will not display pages from control panel

Post by sarmeli » Tue Oct 20, 2020 7:59 pm

the site got a B grade looking at the information I do not see an issue and it only shows beez3 , prostar and
prostarplus-eighteen
here is my fpa post:
Forum Post Assistant (v1.6.1) : 20-Oct-2020 wrote:
Basic Environment :: wrote:Joomla! Instance :: Joomla! 3.9.21-Stable (Amani) 25-August-2020
Joomla! Platform :: Joomla Platform 13.1.0-Stable (Curiosity) 24-Apr-2013
Joomla! Configured :: Yes | Writable (644) |
Configuration Options :: Offline: false | SEF: true | SEF Suffix: false | SEF ReWrite: false | .htaccess/web.config: Yes | GZip: false | Cache: false | CacheTime: 15 | CacheHandler: file | CachePlatformPrefix: false | FTP Layer: false | Proxy: false | LiveSite: | Session lifetime: 15 | Session handler: database | Shared sessions: false | SSL: 0 | Error Reporting: maximum | Site Debug: false | Language Debug: false | Default Access: 1 | Unicode Slugs: false | dbConnection Type: mysqli | PHP Supports J! 3.9.21: Yes | Database Supports J! 3.9.21: Yes | Database Credentials Present: Yes |

Host Configuration :: OS: Linux | OS Version: 3.10.0-957.1.3.el7.x86_64 | Technology: x86_64 | Web Server: Apache | Encoding: gzip, deflate, br | System TMP Writable: Yes | Free Disk Space : 105.75 GiB |

PHP Configuration :: Version: 7.2.34 | PHP API: cgi-fcgi | Session Path Writable: Yes | Display Errors: | Error Reporting: 32759 | Log Errors To: error_log | Last Known Error: 17th September 2020 15:31:34. | Register Globals: | Magic Quotes: | Safe Mode: | Allow url fopen: | Open Base: | Uploads: 1 | Max. Upload Size: 2M | Max. POST Size: 8M | Max. Input Time: 60 | Max. Execution Time: 30 | Memory Limit: 128M

Database Configuration :: Version: 5.7.32 (Client:mysqlnd 5.0.12-dev - 20150407 - $Id: 3591daad22de08524295e1bd073aceeff11e6579 $) | Database Size: 6.04 MiB | #of Tables with config prefix:  92 | #of other Tables:  0 | User Privileges : GRANT ALL
Detailed Environment :: wrote:PHP Extensions :: Core (7.2.34) | date (7.2.34) | libxml (7.2.34) | openssl (7.2.34) | pcre (7.2.34) | zlib (7.2.34) | filter (7.2.34) | hash (1.0) | pcntl (7.2.34) | readline (7.2.34) | Reflection (7.2.34) | SPL (7.2.34) | session (7.2.34) | standard (7.2.34) | cgi-fcgi () | bcmath (7.2.34) | calendar (7.2.34) | ctype (7.2.34) | curl (7.2.34) | dom (20031129) | mbstring (7.2.34) | fileinfo (1.0.5) | ftp (7.2.34) | gd (7.2.34) | iconv (7.2.34) | imap (7.2.34) | json (1.6.0) | exif (7.2.34) | mysqlnd (mysqlnd 5.0.12-dev - 20150407 - $Id: 3591daad22de08524295e1bd073aceeff11e6579 $) | PDO (7.2.34) | Phar (2.0.2) | posix (7.2.34) | SimpleXML (7.2.34) | sockets (7.2.34) | sqlite3 (7.2.34) | tokenizer (7.2.34) | xml (7.2.34) | xmlwriter (7.2.34) | xsl (7.2.34) | zip (1.15.4) | mysqli (7.2.34) | pdo_mysql (7.2.34) | pdo_sqlite (7.2.34) | wddx (7.2.34) | xmlreader (7.2.34) | imagick (3.4.4) | Zend OPcache (7.2.34) | Zend Engine (3.2.0) |
Potential Missing Extensions ::

Switch User Environment :: PHP CGI: Yes | Server SU: Yes | PHP SU: Yes | Potential Ownership Issues: No
Folder Permissions :: wrote:Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (---) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) | administrator/logs/ (755) |

Elevated Permissions (First 10) ::
Database Information :: wrote:Database statistics :: Uptime: 121533 | Threads: 2 | Questions: 12406709 | Slow queries: 0 | Opens: 1588999 | Flush tables: 1 | Open tables: 2000 | Queries per second avg: 102.085 |
Extensions Discovered :: wrote:Components :: Site ::
Core :: com_mailto (3.0.0) 1 | com_wrapper (3.0.0) 1 |
3rd Party::

Components :: Admin ::
Core :: com_actionlogs (3.9.0) 1 | com_admin (3.0.0) 1 | com_ajax (3.2.0) 1 | com_associations (3.7.0) 1 | com_banners (3.0.0) 1 | com_cache (3.0.0) 1 | com_categories (3.0.0) 1 | com_checkin (3.0.0) 1 | com_config (3.0.0) 1 | com_content (3.0.0) 1 | com_contenthistory (3.2.0) 1 | com_cpanel (3.0.0) 1 | com_fields (3.7.0) 1 | com_finder (3.0.0) 1 | com_installer (3.0.0) 1 | com_joomlaupdate (3.6.2) 1 | com_languages (3.0.0) 1 | com_login (3.0.0) 1 | com_media (3.0.0) 1 | com_menus (3.0.0) 1 | com_messages (3.0.0) 1 | com_modules (3.0.0) 1 | com_newsfeeds (3.0.0) 1 | com_plugins (3.0.0) 1 | com_postinstall (3.2.0) 1 | com_privacy (3.9.0) 1 | com_redirect (3.0.0) 1 | com_search (3.0.0) 1 | com_tags (3.1.0) 1 | com_templates (3.0.0) 1 | com_users (3.0.0) 1 |
3rd Party:: com_djimageslider (4.0.1) 1 | com_phocagallery (4.3.18) 1 |

Modules :: Site ::
Core :: mod_articles_archive (3.0.0) 1 | mod_articles_categories (3.0.0) 1 | mod_articles_category (3.0.0) 1 | mod_articles_latest (3.0.0) 1 | mod_articles_news (3.0.0) 1 | mod_articles_popular (3.0.0) 1 | mod_banners (3.0.0) 1 | mod_breadcrumbs (3.0.0) 1 | mod_custom (3.0.0) 1 | mod_feed (3.0.0) 1 | mod_finder (3.0.0) 1 | mod_footer (3.0.0) 1 | mod_languages (3.5.0) 1 | mod_login (3.0.0) 1 | mod_menu (3.0.0) 1 | mod_random_image (3.0.0) 1 | mod_related_items (3.0.0) 1 | mod_search (3.0.0) 1 | mod_stats (3.0.0) 1 | mod_syndicate (3.0.0) 1 | mod_tags_popular (3.1.0) 1 | mod_tags_similar (3.1.0) 1 | mod_users_latest (3.0.0) 1 | mod_whosonline (3.0.0) 1 | mod_wrapper (3.0.0) 1 |
3rd Party:: DJ-ImageSlider (4.0.0) 1 | mod_phocagallery_menu (4.3.11) 1 |

Modules :: Admin ::
Core :: mod_custom (3.0.0) 1 | mod_feed (3.0.0) 1 | mod_latest (3.0.0) 1 | mod_latestactions (3.9.0) 1 | mod_logged (3.0.0) 1 | mod_login (3.0.0) 1 | mod_menu (3.0.0) 1 | mod_multilangstatus (3.0.0) 1 | mod_popular (3.0.0) 1 | mod_privacy_dashboard (3.9.0) 1 | mod_quickicon (3.0.0) 1 | mod_sampledata (3.8.0) 1 | mod_stats_admin (3.0.0) 1 | mod_status (3.0.0) 1 | mod_submenu (3.0.0) 1 | mod_title (3.0.0) 1 | mod_toolbar (3.0.0) 1 | mod_version (3.0.0) 1 |
3rd Party::

Libraries ::
Core ::
3rd Party::

Plugins ::
Core :: PLG_ACTIONLOG_JOOMLA (3.9.0) 1 | plg_authentication_cookie (3.0.0) 1 | plg_authentication_gmail (3.0.0) 0 | plg_authentication_joomla (3.0.0) 1 | plg_authentication_ldap (3.0.0) 0 | plg_captcha_recaptcha (3.4.0) 0 | plg_captcha_recaptcha_invisible (3.8) 0 | plg_content_confirmconsent (3.9.0) 0 | plg_content_emailcloak (3.0.0) 1 | plg_content_fields (3.7.0) 1 | plg_content_finder (3.0.0) 0 | plg_content_joomla (3.0.0) 1 | plg_content_loadmodule (3.0.0) 1 | plg_content_pagebreak (3.0.0) 1 | plg_content_pagenavigation (3.0.0) 1 | plg_content_vote (3.0.0) 0 | plg_editors-xtd_article (3.0.0) 1 | plg_editors-xtd_fields (3.7.0) 1 | plg_editors-xtd_image (3.0.0) 1 | plg_editors-xtd_menu (3.7.0) 1 | plg_editors-xtd_module (3.5.0) 1 | plg_editors-xtd_pagebreak (3.0.0) 1 | plg_editors-xtd_readmore (3.0.0) 1 | plg_extension_joomla (3.0.0) 1 | plg_fields_calendar (3.7.0) 1 | plg_fields_checkboxes (3.7.0) 1 | plg_fields_color (3.7.0) 1 | plg_fields_editor (3.7.0) 1 | plg_fields_imagelist (3.7.0) 1 | plg_fields_integer (3.7.0) 1 | plg_fields_list (3.7.0) 1 | plg_fields_media (3.7.0) 1 | plg_fields_radio (3.7.0) 1 | plg_fields_repeatable (3.9.0) 1 | plg_fields_sql (3.7.0) 1 | plg_fields_text (3.7.0) 1 | plg_fields_textarea (3.7.0) 1 | plg_fields_url (3.7.0) 1 | plg_fields_user (3.7.0) 1 | plg_fields_usergrouplist (3.7.0) 1 | plg_finder_categories (3.0.0) 1 | plg_finder_contacts (3.0.0) 1 | plg_finder_content (3.0.0) 1 | plg_finder_newsfeeds (3.0.0) 1 | plg_finder_tags (3.0.0) 1 | PLG_INSTALLER_FOLDERINSTALLER (3.6.0) 1 | plg_installer_packageinstaller (3.6.0) 1 | PLG_INSTALLER_URLINSTALLER (3.6.0) 1 | plg_privacy_actionlogs (3.9.0) 1 | plg_privacy_consents (3.9.0) 1 | plg_privacy_content (3.9.0) 1 | plg_privacy_message (3.9.0) 1 | plg_privacy_user (3.9.0) 1 | plg_quickicon_extensionupdate (3.0.0) 1 | plg_quickicon_joomlaupdate (3.0.0) 1 | plg_quickicon_phpversioncheck (3.7.0) 1 | plg_quickicon_privacycheck (3.9.0) 1 | plg_search_categories (3.0.0) 1 | plg_search_contacts (3.0.0) 1 | plg_search_content (3.0.0) 1 | plg_search_newsfeeds (3.0.0) 1 | plg_search_tags (3.0.0) 1 | PLG_SYSTEM_ACTIONLOGS (3.9.0) 1 | plg_system_cache (3.0.0) 0 | plg_system_debug (3.0.0) 1 | plg_system_fields (3.7.0) 1 | plg_system_highlight (3.0.0) 1 | plg_system_languagecode (3.0.0) 0 | plg_system_languagefilter (3.0.0) 0 | plg_system_log (3.0.0) 1 | plg_system_logout (3.0.0) 1 | plg_system_logrotation (3.9.0) 1 | plg_system_p3p (3.0.0) 0 | plg_system_privacyconsent (3.9.0) 0 | plg_system_redirect (3.0.0) 0 | plg_system_remember (3.0.0) 1 | plg_system_sef (3.0.0) 1 | plg_system_sessiongc (3.8.6) 1 | plg_system_stats (3.5.0) 1 | plg_system_updatenotification (3.5.0) 1 | plg_twofactorauth_totp (3.2.0) 0 | plg_twofactorauth_yubikey (3.2.0) 0 | plg_user_contactcreator (3.0.0) 0 | plg_user_joomla (3.0.0) 1 | plg_user_profile (3.0.0) 0 | plg_user_terms (3.9.0) 0 |
3rd Party:: plg_editors_codemirror (5.56.0) 1 | plg_editors_tinymce (4.5.12) 1 |
Templates Discovered :: wrote:Templates :: Site :: beez3 (3.1.0) 1 | protostar (1.0) 1 | protostarplus-eighteen (1.18) 1 |
Templates :: Admin :: hathor (3.0.0) 1 | isis (1.0) 1 |
Last edited by toivo on Wed Oct 21, 2020 5:11 am, edited 1 time in total.
Reason: mod note: disabled smilies in post Options for readability

User avatar
sozzled
Joomla! Exemplar
Joomla! Exemplar
Posts: 9877
Joined: Sun Jul 05, 2009 3:30 am
Location: Canberra, Australia

Re: will not display pages from control panel

Post by sozzled » Tue Oct 20, 2020 8:15 pm

Thank you, @sarmeli, for your FPA report.

Even though your website is fairly basic and does not have many installed extensions, and you are using a third-party frontend template that I have not heard of—but it should work—this doesn't explain why you are unable to display anything in the site backend. I cannot see anything from the FPA report that indicates the website may have been maliciously attacked/hacked and I do not understand why the forum moderators decided to move this discussion topic to the Security in Joomla! 3.x forum. :-\

I'm curious about how you "updated" to J! 3.9.21 from a previous version; it would help to know (a) what version of J! you updated from and (b) what method you used to update the J! software. ???

The quickest solution, to restore the website to operation, would be to restore the site to the state it was in before you updated (by using a backup copy you made before you updated).

However, there are some tell-tale signs that you would have problems updating the software because of inadequate PHP setting quantities. Please refer to the basic/suggested guide on PHP settings for J! here: https://docs.joomla.org/J3.x:Installing ... i_Settings

I would start by making these changes:
  1. Enable allow_url_fopen
  2. Set upload_max_filesize = 32M
  3. Set post_max_size = 32M (or higher, say 64M)
The real question remains: are you still unable to display anything in the backend after you login? ???
https://www.kuneze.com/blog
“If you think I’m wrong then say, ‘I think you’re wrong.’ If you say ‘You’re wrong!’, how do you know?” :)

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 15002
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: will not display pages from control panel

Post by mandville » Tue Oct 20, 2020 10:15 pm

also your extensions are out of date.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}

User avatar
toivo
Joomla! Master
Joomla! Master
Posts: 12901
Joined: Thu Feb 15, 2007 5:48 am
Location: Zagreb, Croatia

Re: will not display pages from control panel

Post by toivo » Wed Oct 21, 2020 5:56 am

sarmeli wrote:
Tue Oct 20, 2020 7:59 pm
the site got a B grade looking at the information I do not see an issue and it only shows beez3 , prostar and
prostarplus-eighteen
Does the main Joomla folder have a subfolder 'sflllgf', shown in the two error messages? According to the first error message you posted, the subfolder 'sflllgf' contains the Joomla 2.5 template in templates/beez_20. The file uvxoqnrm.php does not belong there and it must have been created by a malicious script at some stage:
sarmeli wrote:
Tue Oct 20, 2020 4:46 pm
20 10:24:15.874362 2020] [cgi:error] [pid 21152] [client 94.130] AH01228: exec used but not allowed in /home/sarmelic/public_html/404.shtml, referer: http://www.xxxx.com/sflllgf/templates/b ... xoqnrm.php
Joomla 3.x does not have a function called tb1cdaec(), shown in the second error message. The error message refers to the hacked file layouts/joomla/toolbar/base.php, which explains why you have issues with the toolbar:
sarmeli wrote:
Tue Oct 20, 2020 4:46 pm
Fatal error: Cannot redeclare tb1cdaec() (previously declared in /home/sarmelic/public_html/sflllgf/layouts/joomla/toolbar/base.php:1) in /home/sarmelic/public_html/sflllgf/layouts/joomla/toolbar/base.php on line 1
The FPA results alone do not show anything unusual, but the PHP error messages go a long to explain why the toolbar does not work. The Joomla 2.5 site may have been hacked first, before the website was upgraded to 3.x. Unfortunately removing the 2.5 subfolder is not going to fix the 3.9.21 site, which has also been compromised.
Toivo Talikka, Global Moderator


Post Reply

Return to “Security in Joomla! 3.x”