Fix Hacked Joomla

Have you made a website in Joomla and noticed suspicious activity or even issues with hacking? We can help you with some simple steps to restoring your site to working order.

Having worked on Wordpress for years, you decide to change your website backend and rebuild using the open-source CMS (Content Management System) Joomla. The second most popular CMS system, Joomla allows you to combine e-commerce and social-networking without too much difficulty. Everything works great and you are loving the ease of moderation switching CMS options has brought you. It was a bit of a risk… sure, but your site seems to be working really well. You could say you were feeling pretty chuffed. Joomla as the second most popular CMS is very well supported and you update your site, installing loads of plugins to help make your site easier to navigate. You even add on a ‘lite’ social-networking add on, a forum of sorts to allow your customers to discuss your products and share their experiences. It looks pretty damn good and seems to be as easy as pie.

One day you check your website, and there seems to be something amiss. Customers have emailed saying that their experience using your website has been pretty ‘iffy’… so you go to investigate. It seems that when customers click on an item to add to the basket, it redirects to another website. Must be hackers. Also some of the images have been modified… a classic hacker tactic.

There are a number of practical steps you can take should you come across any issues with your Joomla website.

• Firstly, do not panic. This doesn’t resolve the issue. You need to focus.
• Make a backup, yes… even of the infected website. This can be used to look at later and analyse the issues and how to avoid them going forward. By this I mean you can compare the data files of your backup from pre-hack to post-hack. This way you can see how the files are manipulated
• Check with Google for a diagnostic of your site, so you can see whether your site is considered a safe browsing experience. Copy the following link and replace the bolded section with your website; www.google.com/safebrowsing/diagnostic=http://YourSite.com

This simple step will allow you to immediately see if your Joomla has infected by hackers. This is from a previous article I wrote fairly recently, but applies here.

Log into Search Console, register and verify your site. Once you have verified your website in Search Console, you can then navigate straight to the ‘Security Issues’ tab on the lower-left side of the screen.

This simple tool will highlight infected links or those that may link to a compromised site, allowing you to remedy the situation. It’s advised you fix these issues properly or your site is likely to be reinfected, further impacting the damage caused to your sites reputation.

Following one from the steps I have mentioned, now continue with the following steps to remedying your hacking issues.

• Notify your website host that your Joomla site has been hacked, or compromised by malware. They may be able to trace this for you.
• Follow the advice google gives you on responding to being hacked here.
• Restore your Joomla site from a backup, prior to the hacking problems. This may be the simplest and safest method if your site has been irrevocably ruined. To do this you have to delete all the files from your hacked site and replace with the clean version. If you overwrite the hacked site, you are merely placing code on top of the scripts employed by the hacker in the first place.
• Update all your plugins, and ensure you only use plugins that are frequently updated.
• Enlist support from a trusted security expert by downloading the free website scanner from FixHacked. You can try it for free for a month. If you are stuck or unsure at any point, you can always Hire an Expert to help you with the issues you are experiencing. The Fixhacked Expert can also help you with advice on how to clean up your hacked site, and the steps you need to take going forward if you cannot diagnose the hacking source yourself.
• Change all your log in details and database passwords. This as I have mentioned in other articles is something you should do be doing on a semi-regular (at least!) basis. Maintain the vigilance with regards to this.

These are the steps to take to install the Fixhacked scanner on your Joomla website:

1. Download the simple to use exploit scanner from HERE. This creates a site specific file which will download to your computer.
2. Upload this to your Joomla site, it works exactly like installing a plugin.
3. Activate the scanner, and let it do all the work of scanning your files. Initially there may be a slight impact to the website speed, but in the long run it will resolve the issues you have.
4. Following the scan, we tell you which files are corrupted and which could be exploited. Providing you with a solution to any exploitation issues you may have.