Hi there
My wife's website was hacked because she set her password as 'password'
http://biancaduval.com
Is it possible to rescue this site or, is it beyond hope?
We cannot login with her details as, the password has been changed.
Any ideas?
Thanks in advance
Ben
Rescue hacked account
-
staartmees
- Power Poster
- Posts: 1049
- Joined: Wed Mar 19, 2008 4:54 pm
Re: Rescue hacked account
move the current cms to a subdir
install a new cms but
choose a safe password of at least 16 characters >> http://www.strongpasswordgenerator.com
make sure you choose the same table prefix as for the old site
do not create the database
copy uploads from the old site to the new
install a new cms but
choose a safe password of at least 16 characters >> http://www.strongpasswordgenerator.com
make sure you choose the same table prefix as for the old site
do not create the database
copy uploads from the old site to the new
Re: Rescue hacked account
It appears that the hacker didn't mess too much with the site, and didn't try to get access to the files so, before a drastic measure, I would just reset the password on the db 1st to recover access to the back end and than assess the extent of the damages.
The way to do it depends on the version of your CMSMS installation... a recent procedure is described here, but you may have to search the forum for a similar procedure for older versions. As I said depends on how old your installation is and what upgrades have been made since 1st install.
On the other hand, your host may have backups of both files and DB, so that could be even easier, just replace all from a recent backup.
Just a word of caution: no matter what procedure you choose, make sure you backup everything before, just in case.
The way to do it depends on the version of your CMSMS installation... a recent procedure is described here, but you may have to search the forum for a similar procedure for older versions. As I said depends on how old your installation is and what upgrades have been made since 1st install.
On the other hand, your host may have backups of both files and DB, so that could be even easier, just replace all from a recent backup.
Just a word of caution: no matter what procedure you choose, make sure you backup everything before, just in case.
"There are 10 types of people in this world, those who understand binary... and those who don't."
* by the way: English is NOT my native language (sorry for any mistakes...).
Code of Condut | CMSMS Docs | Help Support CMSMS
My developer Page on the Forge
GeekMoot 2015 in Ghent, Belgium: I was there!
GeekMoot 2016 in Leicester, UK: I was there!
DevMoot 2023 in Cynwyd, Wales: I was there!
* by the way: English is NOT my native language (sorry for any mistakes...).
Code of Condut | CMSMS Docs | Help Support CMSMS
My developer Page on the Forge
GeekMoot 2015 in Ghent, Belgium: I was there!
GeekMoot 2016 in Leicester, UK: I was there!
DevMoot 2023 in Cynwyd, Wales: I was there!
Re: Rescue hacked account
By the look of the /admin login screen it is an old version - pre 1.9?
Yes I would approach host first to restore. Then quickly change admin passwords to something considerably more secure.
Then you ought to be upgrading really:
http://docs.cmsmadesimple.org/upgrading
To save further repair work on other systems, I'd also be asking my wife what other logins she has set to "password" and change them quick.
Good luck
Yes I would approach host first to restore. Then quickly change admin passwords to something considerably more secure.
Then you ought to be upgrading really:
http://docs.cmsmadesimple.org/upgrading
To save further repair work on other systems, I'd also be asking my wife what other logins she has set to "password" and change them quick.
Good luck
Re: Rescue hacked account
I would never trust a compromised website myself (unless I'd have a recent checksum file of the cms).
So I'd choose for 1.) backup, 2.) reinstall
After that, I'd go for a non default admin directory http://docs.cmsmadesimple.org/general-i ... ring-cmsms and of course a hard to guess password AND username. Make sure that username is not displayed in e.g. News/blog items etc.
So I'd choose for 1.) backup, 2.) reinstall
After that, I'd go for a non default admin directory http://docs.cmsmadesimple.org/general-i ... ring-cmsms and of course a hard to guess password AND username. Make sure that username is not displayed in e.g. News/blog items etc.
Re: Rescue hacked account
Thanks for all your help guys. I think i have enough now to go on.
Ben
Ben
