A relative asked me to fixed a Joomla website (v2.5.16) who has been hacked last year, probably due to lack of update (is up to date now), unfortunately I have no information about this. The issue is that the front end take 2~ min to load. The administration is loading normally so whatever the issue is, it depend of the front end. I already disabled all modules one by one and switched the template with another one to make sure that thebug is not in template or plugins folders, without success.
I must add that the problem is "probably" more recent than the hack, according to this person. So maybe there was a script somewhere reaching a random server which may not work anymore.
PS : the website is on a shared hosting. I have the FTP access but no ssh.
I know that I don't give any details which can lead to resolve this, but I need more a method to track what can go wrong and where than a solution.
Thanks in advance,
We have written a lengthy post explaining why a website might be slow: http://www.itoctopus.com/20-questions-you-should-be-asking-yourself-if-your-joomla-website-is-slow
From the looks of it, it might that the website is still hacked. Try overwriting the Joomla files with a fresh Joomla install and see if that addresses the problem.
Solving this issue will probably involve some or all of the following:
updating Joomla and all third party extensions to the latest versions
checking for and fixing malicious files using http://myjoomla.com or
https://sucuri.net or similar
analysing the performance of the website using http://gtmetrix.com
(it's free) or similar to pinpoint and fix what is taking the most time to
load
If the website has been hacked, you may need to reset passwords etc once the malicious files have been removed. See https://joomla.stackexchange.com/a/180/120 for more information about securing the website once it is fixed.
Related
Good day/night great minds,
I have a perfectly functional website hosted online at the following url: www.gmaworld.com (malware infected). Unfortunately This site is infected with malware. I am looking to transfer the contents to another setup to get rid of the malware.
My concern however is how to backup/retain the current addons that i have in the current set up so i dont loose them during the new setup.
I have read through most of the migration/upgrade articles for joomla and none seem to mention anything in this regard. If it does help, I am using the shaper_qubic theme.
I will appreciate every bit of advice to help me ensure a successful transfer of my addons.
Thank you.
If you are rebuilding your website to eradicate malware, the best course of action is to re-download Joomla and third party extensions from the official websites and start again.
It's possible (by examining the contents of the extension XML install file) to download all the relevant folders and files which you could then zip back into a Joomla install file but this would be a tedious process, likely prone to manual error and possibly still have vulnerabilities if these aren't the latest versions.
To keep a website secure, you should be installing Joomla and third party extension updates on a regular basis. If you have commercial extensions on your website, you'll need to renew your subscriptions in order to have access to updates.
If cost is an issue, then try to replace commercial extensions with free extensions or try to implement features using core Joomla instead. This is often possible when new features are implemented in the core.
An alternative way to retain your extensions is to clean up the malware without rebuilding your site.
The myjoomla.com audit / clean up tool does this quite well and is a much quicker way to recover your website compared to a complete rebuild.
You will probably still need to update Joomla and third party extensions to the latest versions to prevent a recurrence.
You have best free options available and not only that it is super easy to take backup and restore your site anywhere either in localhost or any other webhost. I hope you have access to backend Administrator side
Steps
Download Akeeba backup http://extensions.joomla.org/extension/akeeba-backup and install it.
Take a backup of your entire site going to components->Akeeba Backup .backup will have extension JPA backup.jpa format. it wont open in normal extractors. To open the zip file follow the next step.
Download the extract wizard from https://www.akeebabackup.com/products/akeeba-extract-wizard.html . This will help you to extract the backup file in your desktop.
To Clean the website files use kaspersky Internet Security demo version. it cleaned many of my infected files. And do a vulnerability scan installing it in localhost to know where are the loopholes.
A friend has asked me to do some work on his existing site which was built in Rapidweaver. I'm on Windows, so is there another way I can access and edit his site?
The Rapidweaver project file is meant to be edited only in Rapidweaver, really. As far as I know, the only way around would be to use an HTML editor to modify the pages that are already in the server. However, I would not reccomend you to do it unless you are not going back to Rapidweaver anymore. Because changing the files in the server does not update your local Rapidweaver files. So, you could end up editing something in the server, then getting back to Rapidweaver and upload a "new" version that would not be completely up to date (the previous changes in the server version would be overriden by the older rapidweaver project).
For that kind of work, a CMS (Content Management System) is a more flexible way to work. Nowadays, one of the most common is Wordpress. It will require an inicial setup but after it is working it can be updated from anywhere via web browser, or even from an app in your iPhone. But it is not a Rapidweaver based sollution.
There are a couple CMS related plugins or stacks (Dropkick CMS, Armadillo, Easy CMS, Total CMS...) for Rapidweaver that could also be useful in this context. Once again, first you would need to buy a licence and to setup the website using one of those plugins or stacks. Only then you would be able to edit on the go.
I have a bit of bad habbit, I install joomla on xampp and test all extensions and things im planning to add on the website there. Then I go to live website and try to start it from scratch, but it get very confusing and stressing this way..
I am thinking of just uploading the xampp joomla site to a live server but I am worried about these things:
I have installed/uninstalled some extensions (10+) do these leave behind any corrupted files in general or cause any problems?
Any tips cause im really worried now, the website has grown a lot and I cant start it from start even looking at the notes I took while making it. Uninstalled extensions do they leave any files behind or cause any problems? Right now the website works good on XAMPP.
Any tips or suggestions greatly appreciated,
Ammy
Most extensions uninstall fairly cleanly. You can be sure by using an FTP client and looking under /components, /plugins, and /modules (and/or their counterparts under /administrator) for leftover directories with the extension's name. You can also use PHPMyAdmin or somesuch to look for leftover database tables with similar names.
Even if files and tables are left behind, they're unlikely to cause problems with the site. I understand the desire to keep a tidy codebase, but that's not a good reason to build a site twice.
Most extensions delete their files on an uninstall. This is because Joomla does this job itself, the extension doesn't have to do anything for this to work.
However the tables are a different beast. While it would be very easy for extensions to delete their tables on uninstall, there are different ideas about this. Some argue that they don't want to be responsible for deleted data and thus leave the tables behind.
Also entries in the assets, categories, tags mappings and menu tables are likely to be lying around after an uninstall. Most extensions will not clean those tables up during uninstall.
There may also be leftovers in files, if the extension used some library like fof or similar. There is no ckeck if the uninstalled extension was the last one that used that library. So you need to uninstall those manually, but you need to know if it's used or not.
The leftover tables and entries don't generate any problems except for a bit more memory usage. However a leftover library may be a huge security issue as it may contain a bug which could be abused. Since no extension is using it anymore, it will never get updated and the bug doesn't get fixed.
I am working on a dynamic site on Joomla!, most of the coding is done in Juni module and component.
I have some dynamic features which I want to test it on my already published site, I fear that if any thing goes wrong by attaching it to the published site.
I want to ask is there any modules of plugins for Joomla! which allows me to test my dynamic functionality on the published site, and Is there any extension to recover my site to previous state(like version control system of my site...)
Where is a quick checklist with what you can do:
The easiest way to play around is to install Joomla! on your own computer where you can test everything without any worries
To get your websites like "versioned" or to have a complete backup, the most used and trusted solution is AkeebaBackup.
My advice would be NOT to play directly with the live website without doing a backup, especially if you are "testing" stuff.
I actually think it makes more sense to test first on a copy that is in the exact same server environment as the live site.
How to test live is always a hard thing, sooner or later you have to do it, but you want to get as much testing done as you can without doing it. Depending on how the feature is being rendered you may be able to use acl to prevent it being rendered to normal users.
I developed and I am now supporting a Joomla 1.5. It appears that it was hacked recently with: MW:SPAM:SEO (http://labs.sucuri.net/db/malware/malware-entry-mwspamseo). I have looked at the directory structure (using FTP) and I have discovered a folder called: 'f42ad68b3fb9cdd940d9eacc861791aa' in libraries\joomla\session\storage. What is this folder used for? I never used it when I developed the website.
The default files within libraries\joomla\session\storage are:
acp.php
database.php
eaccelerator.php
index.html
memcache.php
none.php
xcahe.php
Extensions installed should not manipulate any core Joomla files and store anything within the core folders. there is there are any, delete them for security reasons.
The majority of files notied above are for sessions and cache For more information on sessions, please read: php.net/manual/en/intro.session.php
As for solving hacking in the future, I answered a question not long ago which explains some things you can do and recommended extensions.
Joomla! 2.5.4 Hacked: Having trouble with diagnosis
I've had a cope of attacks from this malware. In my case it seems to have entered through an image slide plugin ( for joomla 2.5).
For want of a better approach I downloaded the whole site and serched for
t='';}}x[l-a]=z;}document.write('<'+x[0]+' '+x[4]+'>.'+x[2]+'{'+x[1]+'} ');}dnnViewState();
This is the malware code string as per the sucuri scan of the site. There was one instance of this in a javacript script, which when removed produced a clean bill of health for the site according to the the sucuri scanner.
I would not lightly delete a whole folder of files, particularly as this malware has a small footprint - only 1 line of javascript.
I know this thread is well out of date but perhaps others are still having problems. My infections occurred around Feb 2013