Can no longer log in to the admin back-end in JA Teline II

Forums    Joomla Templates Club    JA Teline II    Can no longer log in to the admin back-end in JA Teline II
Viewing 13 posts - 1 through 13 (of 13 total)
  • Author
    Posts
  • lcgrant Friend
    September 5, 2008 at 5:01 pm #133002

    I am running JA Teline II on top of Joomla 1.5.3. Everything was going along fine as I slowly added new content and replaced the sample content. Then I went away for a week.

    When I got back I tried to login and I kept getting told my password or ID was wrong. So even though I was using the same computer with Firefox’s remember password feature on, I went back to my spiral notebook where I write down all of my passwords and user-IDs only to find I was using the right information.

    I hadn’t recently added any components/modules/plugins so I’m at a loss for what’s different. I was not experiencing any problems before. And no one had access to my computer nor knows how to login.

    I’m clueless. Please help.

    tonyg Friend
    September 5, 2008 at 6:24 pm #268971

    Hi
    Is this on a live site or on your local computer. If it is on a live site then it sounds like you’ve been hack. On a local computer easy enough to sort out. Give a bit more info on what server you are using and I will try and help.

    lcgrant Friend
    September 5, 2008 at 9:43 pm #269006

    Thanks TonyG,

    I’m live on a Yahoo hosting account. I think Yahoo is using PHP 4.X and an Apache server. I knew I should have printed out my config info.

    pdafre4k Friend
    September 5, 2008 at 11:46 pm #269014

    reset ur password or just reinstall everything.
    and 1.5.1 – 1.5.5 is vunerable update to 1.5.6
    and follow this security check list
    http://docs.joomla.org/Joomla!_Administrators_Security_Checklist

    tonyg Friend
    September 6, 2008 at 12:02 am #269017

    Hi

    Try this quick way first, this depend on you knowing and having access to the super administrators email.

    Use the front end login form. Type in the super administrator user name, (admin) if not changed. Now click on Forgot your password?

    The idea here is to invoke Joomla to send you the password. If all is well you should be able to get the password from your email and use you it to get back in. You of course need to change the password after.

    Try this first and let me know, if that doesn’t work we try using the database.

    lcgrant Friend
    September 6, 2008 at 12:43 am #269023

    Thanks for the security check list. BTW, how do I reset the password. If I reinstall I’m worried that I might lose my content.

    lcgrant Friend
    September 6, 2008 at 12:54 am #269025

    <em>@tonyg 78007 wrote:</em><blockquote>Hi

    Try this quick way first, this depend on you knowing and having access to the super administrators email.

    Use the front end login form. Type in the super administrator user name, (admin) if not changed. Now click on Forgot your password?

    The idea here is to invoke Joomla to send you the password. If all is well you should be able to get the password from your email and use you it to get back in. You of course need to change the password after.

    Try this first and let me know, if that doesn’t work we try using the database.</blockquote>
    Unfortunately I disabled the front end login because there were too many people signing up before we were ready. (I know I should’ve had a test site on my local computer but…).

    tonyg Friend
    September 6, 2008 at 8:00 am #269049

    Ok lets move on to plan B, lets change the admin password in the database. To do this you will need access to your control panel on your host server. Once you have log into your control panel you can use phpMyAdmin. With phpMyAdmin open you should see your database on the left hand side of the screen.
    The password is stored in MySQL database jos_users table password field. Click on jos_users to open the table, now locate the password field. On the right hand side of the password field under the heading Action, click on the first icon (it should say browse distinct values when you mouse over it). You should see admin password now.
    The password must be MD5 hashed; you cannot simply enter text into this field.
    Set the password to a known value. In this case (secret) below is the MD5 hashed password for secret.
    secret = 5ebe2294ecd0e0f08eab7690d2a6ee69
    Paste the hashed password into the field, save the change, and log-in using the new password. Immediately change your password to something more secure!

    Try this first before we move on to the next stage of making your site a bit more secure.

    1 user says Thank You to tonyg for this useful post

    1. stengah
    lcgrant Friend
    September 8, 2008 at 1:35 pm #269489

    <em>@tonyg 78049 wrote:</em><blockquote>Ok lets move on to plan B, lets change the admin password in the database. To do this you will need access to your control panel on your host server. Once you have log into your control panel you can use phpMyAdmin. With phpMyAdmin open you should see your database on the left hand side of the screen.
    The password is stored in MySQL database jos_users table password field. Click on jos_users to open the table, now locate the password field. On the right hand side of the password field under the heading Action, click on the first icon (it should say browse distinct values when you mouse over it). You should see admin password now.
    The password must be MD5 hashed; you cannot simply enter text into this field.
    Set the password to a known value. In this case (secret) below is the MD5 hashed password for secret.
    secret = 5ebe2294ecd0e0f08eab7690d2a6ee69
    Paste the hashed password into the field, save the change, and log-in using the new password. Immediately change your password to something more secure!

    Try this first before we move on to the next stage of making your site a bit more secure.</blockquote>
    I must be a real dummy. I followed your directions and went to phpmyadmin. I selected the jos_users table, pasted in the secret password you suggested into the default value field, saved the change and tried to login…nothing. I got the same result as before. I even went back to the jos_users table and changed the user name to admin and still nothing.

    I have no idea what’s wrong. I’m thinking I may need to reinstall and start over. There was some documentation in phpmyadmin that showed me how to use the export tab to create a backup of the database and table.

    Before I go any further TonyG, is there anything else you would recommend or else I’m throwing in the towel. Thanks for all of your help.

    tonyg Friend
    September 8, 2008 at 6:17 pm #269538

    Hi
    That didn’t work because the hacker also changed the Super Admin user name (It appears that way)

    Follow this link it will show you how to create another Super Admin http://docs.joomla.org/Administration_FAQs_Version_1.0#How_do_I_recover_my_admin_password.3F

    Scroll down to How do I recover my admin password?

    You need to start again anyway but it will be nice if you can retrieve your contents first.
    The following process works for me, it may work for you too. I’ve installed a local server (XAMPP), I complete every site locally first. Locally I install two copies of the same site, one for testing new things on and the other, develop to go live. I installed JoomlaPack on the local and live sites. On live sites I use JoomlaPack to back up the entire site including the database, how regular I back up depends on how regular the site changes. Every backup you make from a live site test restoring it on a local server to ensure it actually works. Always change the Super Admin user name (admin) to anything you want.

    I’m about to test a new security plugin sounds useful, read more here..http://extensions.joomla.org/component/option,com_mtree/task,viewlink/link_id,5809/Itemid,35/

    All the best with the site and keep me posted

    felsimedia Friend
    September 16, 2008 at 9:20 pm #270898

    also, upgrade to joomla 1.5.7
    check joomla.org forum for security issues

    goodluck

    cgc0202 Friend
    September 17, 2008 at 9:03 pm #271072

    <em>@lcgrant 77940 wrote:</em><blockquote>I am running JA Teline II on top of Joomla 1.5.3. Everything was going along fine as I slowly added new content and replaced the sample content. Then I went away for a week.

    When I got back I tried to login and I kept getting told my password or ID was wrong. So even though I was using the same computer with Firefox’s remember password feature on, I went back to my spiral notebook where I write down all of my passwords and user-IDs only to find I was using the right information.

    I hadn’t recently added any components/modules/plugins so I’m at a loss for what’s different. I was not experiencing any problems before. And no one had access to my computer nor knows how to login.

    I’m clueless. Please help.</blockquote>

    Does Yahoo allow you to have your own Control Panel? There is a C-Panel used by The Planet hosting service that I think allow you to change the admin password.

    Or, does Yahoo have technical service that will allow them to change the password? If they do not have technical support, I suggest you change webhosting service.

    As suggested by others, if you do not have much content, and all the solutions suggested do not work, it might be much easier to start anew. One of the problems is that you have Joomla 1.5.3 — there are several security upgrades since then. Someone might have hacked your site.

    Cornelio

    lcgrant Friend
    September 18, 2008 at 10:01 pm #271214

    <em>@felsimedia 80335 wrote:</em><blockquote>also, upgrade to joomla 1.5.7
    check joomla.org forum for security issues

    goodluck</blockquote>
    Thanks all for your guidance, it really helped.

    After what seemed like days looking at the table in phpmyadmin I noticed that there was extra code at the end of the MD5 hash after a semicolon. I was only replacing the password before the semicolon when I should have replaced the entire password. DUH.

    Anyway, I’m back in business and will upgrade to Joomla 1.5.7, back-up my website (already backed up the database in phpmyadmin) and implement every other security measure all of you have patiently pointed out.

    Thanks a million.

  • Author
    Posts
Viewing 13 posts - 1 through 13 (of 13 total)

This topic contains 13 replies, has 5 voices, and was last updated by  lcgrant 16 years, 2 months ago.

We moved to new unified forum. Please post all new support queries in our New Forum

Important Notice :

New Unified Portal is live

Must Read

Jump to forum

Categories