Menu

Build a Joomla Website Forum

Free Joomla support for all and priority support for members.
  1. Bob Standish
  2. Priority Support
  3. Saturday, March 26 2016, 12:27 AM
  4.  Subscribe via email
I have a site that has been hacked and I need help. After two days of searching for malicious code, I give up. Does 'Build a Joomla Website' offer any free or even paid support for members? If not. can you recommend any next steps or services?
Dan Accepted Answer
0
Votes
Undo
Thanks Richard
Looks like they are both files, one being a 404notfound file.

I'll get hold of SG today, however when I click in my control panel on the fix malware tab it wants to send me to the $250/yr link...

I just checked out Watchful.li and while it looks interesting is it not performing functions that are automatically done with other plugins or app? i.e. Joomla informs me as soon as I log in that I need to update plugins and extensions and on a click of the button it does it for me. SiteGround automatically does a Joomla update for me as soon as it is available. I also have Akeeba products installed as well as a few other maintenance/diagnostic plugins. Hackguard is a SG local feature I have also purchased that notifies me each week of any malware hits... and that is where this all started. Each week an email is sent to me with daily scans. At one point each day was showing the same two files including malware... then one week two of the days were green... meaning there was no malware... followed by a few days of red on the same two files.
I've been through the demo videos for Watchful.li but can't find anywhere on the site where it says they are included in the monthly/annual fee or whether they are additional pay-for features.
Comment
You really shouldn't have to pay for malware removal IF you know the affected files/database.

The Watchful.li service is helpful as it warns you when it finds a changed file. It sounds like you already have this covered via SG. The Joomla update feature is helpful, but it's not instant. If you have a busy site, you're best to rely on official notifications from Joomla. You can subscribe here: https://developer.joomla.org/security-centre.html
  1. Richard Pearce
  2. 10 months ago
There are no comments made yet.
  1. more than a month ago
  2. Priority Support
  3. # 1
Dan Accepted Answer
0
Votes
Undo
I have had a similar message sent to me from SG host. I have hackguard installed but they are telling me I have 2 suspicious files (malware). I a paying for hackguard but apparently this only identifies malware and does not guard as it says... nor does it fix the problem?
Instead they are suggesting I use sucuri (at $199/yr!) to fix it?
Surely there is some way besides doling out another $250 Cdn for this? I have backups but can't be sure which one would be malware free.
Comment
I would go back to SiteGround. Can they advise if the issue is with files or the database? If it is just files and you can identify the affected files, then all you need to do is overwrite those files with the corresponding files from the latest Joomla download.

However if the issue is with the content or settings stored in the database then it's a bit trickier. Again it would help to know what exactly has been affected and as I'm not familiar with their extension, I don't know what information, if anything, is captured. The support at SiteGround can be hit and miss, so if you don't get an acceptable answer, you might want to give it 12 hours and rephrase your question. You might get a more helpful tech.



Moving forward, I've got to state the same thing as I always do - keep your installation and extensions (including the template) up-to-date and you'll prevent 90% of problems. You'll never get 100% protection, but other things that can help are Admin Tools by Akeeba and a Watchful.li subscription.
  1. Richard Pearce
  2. 10 months ago
There are no comments made yet.
  1. more than a month ago
  2. Priority Support
  3. # 2
Tristan Montano Accepted Answer
0
Votes
Undo
Hi Bob,

Sucuri.net offers some tools and services to help you identify the kind of malware your site is infected with. Check out their site and try their Site Check tool.
References
  1. https://sitecheck.sucuri.net/
Comment
There are no comments made yet.
  1. more than a month ago
  2. Priority Support
  3. # 3
Laurie Accepted Answer
0
Votes
Undo
Hi Bob!

Do you have a current backup (from before the hack, of course)?

Maybe this can help:

How do you know the site is hacked? What is it doing? Does GWT give any help in identifying the trouble?

Have you checked the .htaccess file?

Your host may have a backup and restore it for free or at a reasonable cost.
Comment
There are no comments made yet.
  1. more than a month ago
  2. Priority Support
  3. # 4
  • Page :
  • 1


There are no replies made for this post yet.
However, you are not allowed to reply to this post.

Free Joomla TutorialLearn Joomla for free with our 16 lesson, 2 hour course.

Get Started