We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
MODX Community Forums Archive

How to restore my site, was totally hacked, old, out of order but database intact!

    • 54423
    • 1 Posts
    torakosmos Reply #1, 5 years, 9 months ago
    Hello fellows,

    the site did not work properly anymore (any page else than the menu was not found) and after this even a lot of php files were hacked and something added to them but the database with all my texts and what is also stored in there is still there and intact and any files that are custom for my site with content added by me seem to be still there also. How can I restore my site by changing to the newest version of modxrevolution? Which files I may delete and which ones to keep or edit? Configuration files are still there as it looks (i saw config.core.php is intact) but I do not know which ones I need to look for. Please can anyone tell me what files I need to keep/delete and what I need to change in which files to install a fresh modx version to continue using my old database? The modx version that was installed is revolution 2.3.3.pl.

    Thank you in advance
    Andreas
      • 38783
      • 571 Posts
      Andy Tough Reply #2, 5 years, 9 months ago
      If you have a backup of your file from before the 17th July then restore those.

      If not then I would suggest that the following might work. Backup your hacked site first - so you can have another go if it all goes wrong!

      Install a new installation of MODX 2.3.3 on another domain/sub domain or local server with its own database.

      Install all the extras you had previously installed. They would need to be the same versions as previously installed.

      This should result in a set of files that would match your exiting database requirements. At this stage your new site would be missing the pictures, document CSS etc files in your 'assets' folder.

      You could then move the files from the new install to the correct domain, correct the paths in the config files and correct the core config file to connect to the old database and see if things work as expected. If they do then you could upgrade to 2.4 then 2.5 then 2.6 then 2.6.5. Bobs upgrade MODX extra could help with this. Make sure you also upgrade all extras (especially Gallery if installed).

      Then you would need to put back in any missing assets like pictures.

      Assuming your site was completely compromised you should also change all passwords and user names for database connections, FTP etc.

      The 'harden' your site

      The docs will help

      https://docs.modx.com/revolution/2.x/administering-your-site/moving-your-site-to-a-new-server

      https://docs.modx.com/revolution/2.x/administering-your-site/security/hardening-modx-revolution [ed. note: andytough last edited this post 5 years, 9 months ago.]
        If I help you out on these forums I would be very grateful if you would consider rating me on Trustpilot: https://uk.trustpilot.com/review/andytough.com

        email: [email protected] | website: https://andytough.com