Joomla Site Hacked

[drewinc]

Our Joomla site was hacked last night --- The admin password, and the index.php were altered.

I have reset the admin password and restored the index.php so the site is now working.

I am running on J1.5.5 (I know my own fault) but now when I try and update to J1.5.8 i get the following error..


Warning: require_once(/var/www/administrator/includes/framework.php) [function.require-once]: failed to open stream: Permission denied in /var/www/administrator/index.php on line 22

Fatal error: require_once() [function.require]: Failed opening required '/var/www/administrator/includes/framework.php' (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/administrator/index.php on line 22

Any Ideas what is causing this ? I have now put it back to J1.5.5 and left the site offline.

thanks in advance

Drew

[powdarrmonkey]

Can you paste a chunk from the top of your index.php? It is is including a file that's not in the right place.

[Geoff]

The permissions on '/var/www/administrator/includes/framework.php' are incorrect, make sure your webserver can read/execute the file. Or the file is misisng/corrupt.

[drewinc]

Its definately permissions,,,, Im not FTPing the files , It is running on a Ubuntu server and the files Im copying accross do not have the correct permissions set.

Ill have a go at changing the permissions and get back ,

thanks for the prompt replies.

[drewinc]

Ok changing some permissions now allows me in the backend ,,, the front is giving other permission problems.

Is there a way I can set all the permissions correctly via terminal on the Ubuntu server so I dont have to change these files individually ( Im a total Linux newbie ).

[wesleyw]

Quick way would be at www go up a level and type chmod -R 755 <foldername> you could then change permissions for files and folders that need other permissions individually.


Wes

[Edu-IT]

Slightly related, I'm running version 1.5.3 of the package. I take it that I am fine to upgrade to the latest version from the Joomla site?

[SYSMAN_MK]

Yes and I would update ASAP!

[drewinc]

Everything is working fine now -- thanks for the replies. The site is now running 1.5.8 -- just need to check all the file permissions but all seems good.

[Edu-IT]

Yes and I would update ASAP!

I will do it tonight when I get home. It's on a private development server which nobody knows the address of so I think I'm alright to wait until this evening.