Good day/night great minds,
I have a perfectly functional website hosted online at the following url: www.gmaworld.com (malware infected). Unfortunately This site is infected with malware. I am looking to transfer the contents to another setup to get rid of the malware.
My concern however is how to backup/retain the current addons that i have in the current set up so i dont loose them during the new setup.
I have read through most of the migration/upgrade articles for joomla and none seem to mention anything in this regard. If it does help, I am using the shaper_qubic theme.
I will appreciate every bit of advice to help me ensure a successful transfer of my addons.
Thank you.
If you are rebuilding your website to eradicate malware, the best course of action is to re-download Joomla and third party extensions from the official websites and start again.
It's possible (by examining the contents of the extension XML install file) to download all the relevant folders and files which you could then zip back into a Joomla install file but this would be a tedious process, likely prone to manual error and possibly still have vulnerabilities if these aren't the latest versions.
To keep a website secure, you should be installing Joomla and third party extension updates on a regular basis. If you have commercial extensions on your website, you'll need to renew your subscriptions in order to have access to updates.
If cost is an issue, then try to replace commercial extensions with free extensions or try to implement features using core Joomla instead. This is often possible when new features are implemented in the core.
An alternative way to retain your extensions is to clean up the malware without rebuilding your site.
The myjoomla.com audit / clean up tool does this quite well and is a much quicker way to recover your website compared to a complete rebuild.
You will probably still need to update Joomla and third party extensions to the latest versions to prevent a recurrence.
You have best free options available and not only that it is super easy to take backup and restore your site anywhere either in localhost or any other webhost. I hope you have access to backend Administrator side
Steps
Download Akeeba backup http://extensions.joomla.org/extension/akeeba-backup and install it.
Take a backup of your entire site going to components->Akeeba Backup .backup will have extension JPA backup.jpa format. it wont open in normal extractors. To open the zip file follow the next step.
Download the extract wizard from https://www.akeebabackup.com/products/akeeba-extract-wizard.html . This will help you to extract the backup file in your desktop.
To Clean the website files use kaspersky Internet Security demo version. it cleaned many of my infected files. And do a vulnerability scan installing it in localhost to know where are the loopholes.
Related
A relative asked me to fixed a Joomla website (v2.5.16) who has been hacked last year, probably due to lack of update (is up to date now), unfortunately I have no information about this. The issue is that the front end take 2~ min to load. The administration is loading normally so whatever the issue is, it depend of the front end. I already disabled all modules one by one and switched the template with another one to make sure that thebug is not in template or plugins folders, without success.
I must add that the problem is "probably" more recent than the hack, according to this person. So maybe there was a script somewhere reaching a random server which may not work anymore.
PS : the website is on a shared hosting. I have the FTP access but no ssh.
I know that I don't give any details which can lead to resolve this, but I need more a method to track what can go wrong and where than a solution.
Thanks in advance,
We have written a lengthy post explaining why a website might be slow: http://www.itoctopus.com/20-questions-you-should-be-asking-yourself-if-your-joomla-website-is-slow
From the looks of it, it might that the website is still hacked. Try overwriting the Joomla files with a fresh Joomla install and see if that addresses the problem.
Solving this issue will probably involve some or all of the following:
updating Joomla and all third party extensions to the latest versions
checking for and fixing malicious files using http://myjoomla.com or
https://sucuri.net or similar
analysing the performance of the website using http://gtmetrix.com
(it's free) or similar to pinpoint and fix what is taking the most time to
load
If the website has been hacked, you may need to reset passwords etc once the malicious files have been removed. See https://joomla.stackexchange.com/a/180/120 for more information about securing the website once it is fixed.
I am looking for an extension to my joomla site where users can download pdf instruction sheets, forms, etc from a list of files available. I would must rather it forced them to log into the site to be able to download but I can adjust that by just making the module accessible to registered people only. So that is not a must have.
Anyone knows of any extension like this one? I know JoomlaShine has this extension in their JSN CUBE template but they don't offer it by itself.
Akeeba Release System (ARS on JED) is probably the best solution of it's kind and is free to download, we use it on several of ours and our client sites.
You can also combine it with the Akeeba Subscriptions (AkSubs on JED) system to manage site access including integrated access to file downloads.
Of course there are lots of document download extensions on the the Joomla Extension Directory.
how to update my own joomla 1.5 components?
i have 2 components i made with my team, that we use on our web site. (on joomla 1.5..... we didn't upgrade for the moment)
we often make updates to fix bugs, to add new featers etc...
to put update on production server , we use FTp, and we change the files that have to be changed........ needless to say, how bad it is.....
i am looking for joomla component, plugin .... to make me able to make updates on my components/template , faster and safer (i imagine, a Zip file containing what have to be changed, and a rollback function, that allow to restore a version if there is problems)
All i found is components that allow to update the joomla core (to 2.5 for exemple).
any idea?
You could use Akeeba Live Update. It's basically a 1 click update system that downloads the update zip you upload to the FTP or other host, then unzips it, updating the extension. The first time you try it out, it might be a bit hard to get used to and will probably take a little trial and error, however its the best and I think only out there at the moment. The likes of Kunena also use this system.
I developed and I am now supporting a Joomla 1.5. It appears that it was hacked recently with: MW:SPAM:SEO (http://labs.sucuri.net/db/malware/malware-entry-mwspamseo). I have looked at the directory structure (using FTP) and I have discovered a folder called: 'f42ad68b3fb9cdd940d9eacc861791aa' in libraries\joomla\session\storage. What is this folder used for? I never used it when I developed the website.
The default files within libraries\joomla\session\storage are:
acp.php
database.php
eaccelerator.php
index.html
memcache.php
none.php
xcahe.php
Extensions installed should not manipulate any core Joomla files and store anything within the core folders. there is there are any, delete them for security reasons.
The majority of files notied above are for sessions and cache For more information on sessions, please read: php.net/manual/en/intro.session.php
As for solving hacking in the future, I answered a question not long ago which explains some things you can do and recommended extensions.
Joomla! 2.5.4 Hacked: Having trouble with diagnosis
I've had a cope of attacks from this malware. In my case it seems to have entered through an image slide plugin ( for joomla 2.5).
For want of a better approach I downloaded the whole site and serched for
t='';}}x[l-a]=z;}document.write('<'+x[0]+' '+x[4]+'>.'+x[2]+'{'+x[1]+'} ');}dnnViewState();
This is the malware code string as per the sucuri scan of the site. There was one instance of this in a javacript script, which when removed produced a clean bill of health for the site according to the the sucuri scanner.
I would not lightly delete a whole folder of files, particularly as this malware has a small footprint - only 1 line of javascript.
I know this thread is well out of date but perhaps others are still having problems. My infections occurred around Feb 2013
I develop a Joomla component. At the moment whenever I release a new version I ask the user to download a zip file and to manually upload the changed files via FTP. While this is ok for small releases, when a lot of files have been modified it is a slow, painful and error prone process. As alarming as it may be, many users installed Joomla via Fantastico one-click install and are not familiar with or comfortable using FTP.
I have recently added support for Joomla 1.6 which seems to provide a nice update facility for automated updates. Unfortunately the documentation seems to be lacking, e.g. what is the tags element, can the download type not be "full" and if so what would that look like?
Can any one explain the update process better or provide any good examples?
Joomla 1.5 is going to be around for a long time, is there a similar update process for 1.5?
For Joomla 1.5 at least, there is no need to use FTP for updating. In your XML manifest you can set the component to update. Rather than download, upzip, and FTP up, all your users would need to do is download the entire package, then install via the Joomla admin.
I am not sure about 1.6, your best bet would be to take apart a 1.6 component. It is my understanding that it is a rather simple process.