⚠️ Urgent! Active Attacks on MODX Revolution Sites Below Revolution 2.6.5
Subscribe: RSS
  • On July 12, 2018, we released MODX Revolution 2.6.5 to close two critical vulnerabilities.

    On July 16, the members of the MODX team were notified that an example attack script was shared publicly that would enable hackers to modify and use for malicious purposes. Starting on July 18th, 2018, the MODX team began receiving reports that these attacks were compromising MODX Revolution websites.

    Upgrade Now
    If your site has not been hacked, you MUST upgrade* to MODX Revolution 2.6.5 and all Extras immediately.

    Already Hacked
    If your site has been compromised, do not panic. It may be possible to recover the site if you have a backup from prior to July 18th, 2018.

    Once you have restored from a backup, you should immediately upgrade to MODX Revolution 2.6.5 and then upgrade all Extras from within the MODX Manager, including Gallery if it is installed. Once you login to your site Manager (e.g., at https://www.example.com/manager/), navigate to the top "Extras" menu and press the orange "upgrade" button for each Extra that needs to be upgraded.

    No Backup; Still Hacked
    The MODX Services team has experience in hacked site remediation. Also some MODX Professionals may have similar experience. Sucuri.net also provides hack remediation to identify and remove compromised files.

    Need Help with Upgrades
    If you do not know how to upgrade your site there are several support options available. You can contact the developer or builder of your site, ask for help in the MODX Forums, find a MODX Professional or get help from the MODX Services team.

    Staying Abreast of Releases is Critical
    We cannot stress how important it is to update sites to the latest versions of MODX as they are released. While this active exploit is unusual in the MODX Community, it does underscore the need to be vigilant with new releases and security patches.

    * Experienced MODX developers can do an interim manual patch on 2.6.x and above by replacing the following files here, here and if it exists, this file. [ed. note: smashingred last edited this post 2 months, 4 weeks ago.]
      Author of zero books. Formerly of many strange things. Pairs well with meats. Conversations are magical experiences. He's dangerous around code but a markup magician. BlogTwitterLinkedInGitHub

    This discussion is closed to further replies. Keep calm and carry on.