On March 26, 2019 we launched new MODX Forums. Please join us at the new MODX Community Forums.

Answered Upgrade to 2.6.1

Subscribe: RSS
  • I'm trying to dig myself out of a muddle. I have several sites on a virtual server. One of the sites got hacked, and the baddie was able to break out of the hacked site and instert php files on all the others. I decided to upgrade all the sites, and all is well, except for one of them.

    I can't remember from what Revo version I'm upgrading, and I can no longer access the /manager.

    PHP 5.6 / MySQL 5.5

    The installation fails with this message:

    Fatal error: Call to a member function parseProperties() on null in /... path-to .../core/model/modx/modelement.class.php on line 524

    This is on the third click. First Click is language, Second - just continue, Third Choose New, Upgrade or Advanced. I choose upgrade, click Next and crash.

    I have deleted the 'old' site in its entirety - there was some evidence of tampering with file and folder permissions as part of the hack - so the only things coming from the 'old' site are the config.inc.php file and the database.

    I haven't yet gone the route of overwriting the 'old' dbase - trying to avoid re-writing the entire site.

    Anyone seen anything like this?



    Nic Boyde

    This question has been answered by BobRay. See the first response.

      MODX Revolution 2.6.5-pl (traditional)

      Hosted on MODX Cloud

      Skype: nicbaldeagle
    • discuss.answer
      I'm sorry you got hacked.

      Is it possible that it was an Evolution site? There's no direct upgrade path to Revolution.

      Did you upload the new files individually with FTP? That often results in missing or corrupted files.

      Another possibility is that some of the new files failed to overwrite the old ones (especially if you used FTP), so you're running a new setup on old core files.

      FYI, upgrading MODX by itself will help protect MODX from future hacks, but usually won't do anything to help with a site that's already been hacked since it's not the MODX core files that have been altered. For example, the user could have placed a file on your site (say under the assets or cache directory) with any name and still execute that file by entering it's URL in a browser no matter how many upgrades you perform.

      It's important to find the entry points the hacker is using (sometimes there's more than one). For starters, look for any users that don't belong and any plugins or snippets you didn't install. A plugin called something like core services is a common hacker entry point. Also look inside the index.php or any index.html files on the site for suspicious code.
        Did I help you? Buy me a beer
        Get my Book: MODX:The Official Guide
        MODX info for everyone: http://bobsguides.com/modx.html
        My MODX Extras
        Bob's Guides is now hosted at A2 MODX Hosting
      • Quote from: BobRay at Feb 01, 2018, 10:30 PM
        Is it possible that it was an Evolution site?

        Oops! Thought I'd converted them all. You are right: total database misrecognition will produce that error.

        I hope this silly question saves someone else from asking it.


        Many thanks BobRay.
          MODX Revolution 2.6.5-pl (traditional)

          Hosted on MODX Cloud

          Skype: nicbaldeagle
        • I'm glad you got it figured out. smiley
            Did I help you? Buy me a beer
            Get my Book: MODX:The Official Guide
            MODX info for everyone: http://bobsguides.com/modx.html
            My MODX Extras
            Bob's Guides is now hosted at A2 MODX Hosting