Joomla · Joomla Errors

Someone Hacked your Joomla Site…now what?

As a web developer, having your Joomla site hacked is probably your worst nightmare.  Your Joomla site has been hacked and comprised if you have one or of these problems:

1.  Malicious scripts that were generating the SPAM URLs which are generating in your webmaster tools.
2.  Administrator user demoted to Registered
3.  Other links pointing to a search engine content
4.  Index.php file modified by someone other than the web master/web designer.
5.  Administrator password changed by someone other than the webmaster / web administrator.
6.  Hacker uploaded an email spamming script.
7.  Website now shows “website has been hacked by [removed]”.

Here are steps that you must follow to protect yourself and remove the problem:

1.  Makre sure you have the latest version of Joomla installed.
2.  Delete all files in your Joomla installation and your installation directory.
3.  Replace the deleted files with fresh copies of a current full version of Joomla, and fresh copies of Extensions and templates used.
4.  Review and check out Security Checklist checklist 7 to make sure you’ve gone through all of the steps.
5.  Change all your usernames and passwords for the website administrator panel and your Joomla site.

6.  Change your password to be 14-16 characters and hard to hack.  Use a random password generator which can help you generate strong passwords.
8.  Use proper permissions on files and directories. The file and directory permissions never will be 777, but ideal is 644 and 755.
9.  Check your htaccess for any odd code (i.e.  compare the file with standard htaccess in the Joomla installation file).
10.  Check the crontab or Task Scheduler for unexpected jobs/tasks.
11.  Perform regular backups of your site so you can restore from a previous copy of your site easily.

Leave a Reply

Your email address will not be published. Required fields are marked *

Captcha Captcha Reload