Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • alimac Friend
    #134011

    I have just found out my site has been hacked by someone called Realist or starhackz.com in Turkey.

    I can’t get into my site now on the superadmin account as it looks my account has been deleted. I have used my wife’s account to gain access and no longer see my account!

    Does anyone have an ideas how I can progress from here please. The web url is
    http://www.derbymethodists.org.uk/info and you can see what the hacker has done.

    My problems I see are:
    1) When I go in through a normal admin account I can see all my content appears to be still there, but on the frontend of the website my frontpage of teline has disappeared.

    2) My superadmin account has been deleted – how do I get this back?

    3) How do I rectify the problem? Do I have to redo the site?

    4) How do I prevent this from happening again?

    Any ideas will be gratefully received.

    Ali

    Menalto Friend
    #273767

    Which version of joomla do you use?

    alimac Friend
    #273768

    Hi Menalto

    Many thanks for your very swift reply. The version of Joomla I am using is 1.5.3

    I am very grateful for any help you can offer.

    Ali

    Menalto Friend
    #273769

    First do a complete backup of your site, files and database.
    Then upgrade to 1.5.7 ASAP.
    If you have a index.hmtl file in root, open it in your favourite editor and check whats written in it, also in root of joomla check the index.php if any unwanted code have been placed there, then do the same for the index.php file for the template.
    Change all passwords on your joomla site and ftp.
    You can add a new user as super administrator, so you are not lost:)

    alimac Friend
    #273773

    Many thanks Menalto for your info.

    I wonder if you could advise me a little more please. What is your recommended means of backing up the site files and database. The last time I backed up my site, and updated the site I messed it up big time. Obvously, I want to avoid this at all costs.

    Your help is greatly appreciated.

    Ali

    Menalto Friend
    #273777

    I would use FTP and download the whole site to my computer, then do a backup of the database using phpmyadmin(if your host have that).Which host do you use btw?
    And i would double check that i had all files/folders, then i would upgrade my live site following the instructions from joomla.org regarding the upgrade.

    mj1256 Friend
    #273782

    textpad which is free, has a file comparison feature, you can open up the orignal file and the new file form the 1.5.7 joomla install and compare them to see what is changed

    Cansun Friend
    #273783

    I think they make SQL injection ,First of all you have to download your database into your computer then you can open your database with a text editor then find which table has a statement like
    <img src="http://img215.imageshack.us/img215/9100/meleklerboardfy2.jpg" width="500" height="250"><p>
    For example you can search jos_content table if you find that code inside replace that table with a new one or edit and delete it.

    Not: If you have a backup you can upload sql database ,then everything works fine.
    Then you have to find your mistake ,probably you forgot the change permissions .

    alimac Friend
    #273843

    Hi Menalto

    Many thanks for your help with the hacked website. It is very much appreciated. I am sorry I have another question after trying to add a new user as super administrator. I am getting an error message when I try to set up a new user …
    You cannot create a User with this User Group level, only Super Administrators have this ability.

    Is there a way around this please.

    Ali

Viewing 9 posts - 1 through 9 (of 9 total)

This topic contains 9 replies, has 4 voices, and was last updated by  alimac 16 years, 1 month ago.

We moved to new unified forum. Please post all new support queries in our New Forum