-
- 330 Posts
So I got a Google error on my site saying content from inversionesrd.net. I did a Sucuri scan and it indicates the index.php file has malicious code added to it. I tried to FTP the file and open it in my text editor to look at the code but no matter what I get a access denied error message.
I am very concerned and am not sure what to do! Any help is appreciated!
-
- 24,544 Posts
Go to cPanel's file Manager and rename it (changing the permissions on it there if necessary). Then replace it with the MODX index.php file from a backup or a download of that version of MODX.
This probably won't solve your problem permanently, since there may be other bad files and/or a back door, but it should pacify Google while you figure things out.
Immediately after renaming the file, change all your usernames and passwords for the site (MODX, cPanel, DB, FTP). Whether that will protect you from further incursion depends on how the hacker got in in the first place.
What version of MODX are you running?
You should also set the permissions for the index.php and config.inc.php files to read-only. While this won't protect against somebody who gets root access to your server, if that happens you (and your hosting company!) have much bigger problems.