-
- 128 Posts
The website I manage was hacked. I've managed to upgrade and get the live website back working but I can't do anything in the CMS as everytime I click anywhere it diverts to spam pages. I can't even log out to clear the cache and flush permissions.
I've replaced all the js files which might have been the problem. I see from the control panel it says core folder is accessible by web. How do I fix this so that it is secure?
And how do I get access back to the CMS?
-
- 35 Posts
You will need to load a backup of all the files. Then upgrade Modx to 2.6.5 and then upgrade the Gallery extra to 1.7.1.
That's the only thing that worked for me.
-
- 128 Posts
Thanks, I managed to upgrade it to 2.6.5 but I can't access the CMS to upgrade any extras. Is the only way to delete the extras via cpanel then reinstall?
-
- 128 Posts
The most recent backup I have I think contains the hacks, I'm not sure I have a backup before then, would need to check.
-
- 128 Posts
Many thanks! I've deleted the components which gave me back access. I have now reinstalled.
Now when I install the gallery extra this seems to bring back virus popups! Is the gallery extra to be avoided now? Is there a way to get it back without viruses?
-
- 35 Posts
Gallery v1.7.1 has been patched so make sure you use that version
-
- 128 Posts
Ah thanks, I think I was viewing a cached page as have emptied and fingers crossed seems ok now.
-
- 35 Posts
Remember to rename /core/ht.access to core/.htaccess