Advertisement

Recovering from a hack

Discussion regarding Joomla! 5.x security issues.

Moderators: mandville, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
Post Reply
User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 44561
Joined: Sat Apr 05, 2008 9:58 pm

Recovering from a hack

Post by Webdongle » Wed Nov 15, 2023 11:56 pm

Your database is your site ... first and foremost make a backup of your database.

All the files do is put/get data to/from the database and display the data on the screen.

Cleaning the site is easy ... just delete all the folders/files. Rebuilding the site is easy ... just install a fresh Joomla to a empty database and install 3rd party extensions then edit the configuration.php.

Before you ask what other users ask. No there is no real alternative ... you need to delete all folders/files.

Here is a summary of what you need to do
  1. Run the fpa and post the results in this forum
  2. Uninstall any untrusted/unwanted 3rd party extensions and Templates https://vel.joomla.org/live-vel
  3. Delete all the files on the server
  4. Scan your computer and all computers that have server or Joomla admin access
  5. Change Passwords
  6. Install Joomla (of the same version) to a new database. Install up to date 3rd party extensions (that are not on the VEL) then edit the configuration.php to connect to the original database. Update Joomla if you have and old version
  7. Change your Joomla SU/Admin Passwords and check the users/groups/access levels are correct and not been tampered with. Update your Joomla and run the fpa again
Step #f is simply installing Joomla and 3rd party extensions to an empty database so you get fresh files. Then connect the files to the database that has your data. That gives you your site back. The rest cleans the site and helps keep it secure.

Full details http://forum.joomla.org/viewtopic.php?f=714&t=757645
Last edited by toivo on Thu Nov 16, 2023 8:19 pm, edited 1 time in total.
Reason: mod note: unlocked on request
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".

Advertisement
User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 44561
Joined: Sat Apr 05, 2008 9:58 pm

Re: Recovering from a hack

Post by Webdongle » Mon Sep 09, 2024 2:27 pm

ibtisam_mib wrote: Mon Sep 09, 2024 2:18 pm Can we duplicate the site on server make the changes and implement it in the running site.
Yes but you would still retain the hack.
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".

Advertisement

Post Reply

Return to “Security in Joomla! 5.x”