Joomla Troubleshooter

Yesterday your Joomla site worked just fine. Today is misbehaving. And you're clueless... Right? Hey, you're not the first one having this experience. You're on the good site where you might find the cure for your problem!

The WYSIWYG editors are great additions to the Joomla, and we have lots of them around. They make a webmaster from casual user and can speed up the work of pros. But, sometimes, you find that you cannot enter text into the HTML editor, or click on the HTML editor's toolbar buttons - you are locked out of editing your content!

What can be more annoying as being unable to edit your own site?

Read more ...

Category: Joomla Troubleshooter

Do you are an early adopter and you upgraded to Joomla 1.0.13? And you have Community Builder, VirtueMart or SMF Bridge...and you cant' login right now, and/or your users are complaining about the same problem. We're sorry for you... Do you have a backup? Then is simple, restore the Joomla 1.0.12 files, overwriting the actual files with those from the official distribution package and restore the jos_users or similar (or at least the passwords column from that).

Do you have backup, don't you? No??? Ouch... humm, then the job is a bit harder, but can be done!

So, still you can do the file restore? Good, do it. Then read below!

Read more ...

Category: Joomla Troubleshooter

You have done a great job by cleaning your recently hacked file? Excellent, but you not finished yet!

If you were blacklisted by Google, McAfee, Yandex (or any other web spam authorities), your site is showing various malware warnings to your visitors, wich can be a big turn down factor. Luckily you can request a review after the hack has been fixed.

Google is now limiting repeat offenders to one review request every 30 days.

Be sure your site is clean before requesting a review!

To remove malware warnings on your site:

  • Call your hosting company and ask them to remove the suspension.

    • You may need to provide details about how you removed the malware.
  • Fill in a review request form for each blacklisting authority.

    • Google Search Console
    • McAfee SiteAdvisor
    • Yandex Webmaster
    • Norton Site Security
    • (any other similar service backlisting your site)
  • The review process can take several days.
Category: Got Hacked?

By comparing infected files with known good files (from official sources or reliably clean backups) you can identify and remove malicious changes.

Caution

It is important that you compare the same version of your Joomla! core files and extensions. Core files on the 2.x branch are not the same as the 3.x branch and so on.

Never perform any actions without a backup. If you’re unsure, please seek assistance from a professional.

To manually remove a malware infection from your Joomla! files:

  1. Log into your server via SFTP or SSH.

  2. Create a backup of the site files before making changes.

  3. Search your files for reference to malicious domains or payloads you noted.

  4. Identify recently changed files and confirm whether they are legitimate.

  5. Review files flagged by the diff command during the core file integrity check.

  6. Restore or compare suspicious files with clean backups or official sources.

  7. Remove any suspicious or unfamiliar code from your custom files.

  8. Test to verify the site is still operational after changes.

If you can't find the malicious content, try searching the web for malicious content, payloads, and domain names that you found in the first step. Chances are that someone else has already figured out how those domain names are involved in the hack you are attempting to clean.

Diff tools to compare suspicious files with known-good copies:


 

Category: Got Hacked?

You simply can’t be 100% safe from getting your website hacked. But fortunately there are ways to help reduce the chances of being hacked and recover quickly if some clever hacker still succeeds.

Read more ...

Category: Got Hacked?

If files have been modified on your server, or files have been uploaded for instance, you can check the timestamps on those files to find out when the attacker was on your site. This is typical in the case of sites being defaced or malicious code being injected somewhere. Most of the time, the attacker will have gained access to your site shortly before modifying or uploading files to it.

Read more ...

Category: Got Hacked?

Subcategories

Got Hacked?

What to do when you got hacked? Here you can find some advices, tricks and tips on what you can do!

Article Count:
4