Re: My Xoops site has been hacked! How do I fix it? [Q and A]

1

My Xoops site has been hacked! How do I fix it?

2006/10/24 1:48
codyheit
Not too shy to talk
Posts: 150
Since: 2006/1/10

Hi

My XOOPS site has just been hacked and I would like to know how I can fix this. It looks like the hacker has changed all index files (html, php etc) to thier page. What is the main index page that XOOPS users to first load?

Thanks

whttp://www.sacotech.com.au

2

Re: My Xoops site has been hacked! How do I fix it?

2006/10/24 2:39
zyspec
Module Developer
Posts: 1095
Since: 2004/9/21

The first file that normally gets loaded when a user goes to a XOOPS site is /index.php. You may want to check to see if they put an index.htm(l) page in your directory. Many servers will execute an .htm(l) document before a .php document.

You will need to try and figure out how they got into your server or it will happen again. Repairing the files won't be sufficient to stop them from repeating the 'attack'.

3

Re: My Xoops site has been hacked! How do I fix it?

2006/10/24 3:06
codyheit
Not too shy to talk
Posts: 150
Since: 2006/1/10

Thanks for the reply.

My hosting company and made changes to the server so it shouldn't happen again.

I have checked the main index.php file and replaced it with the default index.php. I have also checked for an index.html in this page and can't see one. So I have gone around to nearlly every index file I can find and uploaded the default index file over the top.

Unfortunalty it still hasn't fixed the problem.

Any other ideas?

P.S Here is the link:

http://www.sacotech.com.au/Extranet/

whttp://www.sacotech.com.au

4

Re: My Xoops site has been hacked! How do I fix it?

2006/10/24 11:34
codyheit
Not too shy to talk
Posts: 150
Since: 2006/1/10

Any ideas on how to fix this issue as I can't seem to work out how to fix it and my site has been down since saturday (4 days)?

whttp://www.sacotech.com.au

5

Re: My Xoops site has been hacked! How do I fix it?

2006/10/24 11:48
m0nty
XOOPS is my life!
Posts: 3337
Since: 2003/10/24

empty the contents out of templates_c except for index.html

also clear the cache folder aswell..

6

Re: My Xoops site has been hacked! How do I fix it?

2006/10/24 11:55
kaotik
Just can't stay away
Posts: 861
Since: 2004/2/19

The current site is running joomla. Did you temporarily replace XOOPS for joomla?

whttp://www.kaotik.biz

7

Re: My Xoops site has been hacked! How do I fix it?

2006/10/24 12:08
codyheit
Not too shy to talk
Posts: 150
Since: 2006/1/10

Have done but no luck.

whttp://www.sacotech.com.au

8

Re: My Xoops site has been hacked! How do I fix it?

2006/10/24 12:10
codyheit
Not too shy to talk
Posts: 150
Since: 2006/1/10

It isn't running joomla but I noticed that not only were the index files hacked but also the main files so I began replacing these with the default xoop main files and now when I try to go to the site it redirects to the page not found (Which is another site of mine which uses joomla)

Any ideas why it might have done this?

whttp://www.sacotech.com.au

9

Re: My Xoops site has been hacked! How do I fix it?

2006/10/24 12:11
codyheit
Not too shy to talk
Posts: 150
Since: 2006/1/10

.

whttp://www.sacotech.com.au

10

Re: My Xoops site has been hacked! How do I fix it?

2006/10/24 14:31
Arowana
Friend of XOOPS
Posts: 323
Since: 2004/8/6 2

well what I did awhile ago when something like this happened was get the same version of XOOPS and the modules then upload it all over again but do NOT replace config.php and you should be good. If this does not work then ask your host to restore from a back up. although most hosts say they dont back things up they really do.

Hope this helps

Arowana

Stats
Goal:	$100.00
Due Date:	Nov 30
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

My Xoops site has been hacked! How do I fix it?

Re: My Xoops site has been hacked! How do I fix it?

Re: My Xoops site has been hacked! How do I fix it?

Re: My Xoops site has been hacked! How do I fix it?

Re: My Xoops site has been hacked! How do I fix it?

Re: My Xoops site has been hacked! How do I fix it?

Re: My Xoops site has been hacked! How do I fix it?

Re: My Xoops site has been hacked! How do I fix it?

Re: My Xoops site has been hacked! How do I fix it?

Re: My Xoops site has been hacked! How do I fix it?

Login

Search

Recent Posts

XOOPS MyMenus 1.54.0 Beta 10

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}