Joomla Site Hacked
Our Joomla site was hacked last night --- The admin password, and the index.php were altered.
I have reset the admin password and restored the index.php so the site is now working.
I am running on J1.5.5 (I know my own fault) but now when I try and update to J1.5.8 i get the following error..
Warning: require_once(/var/www/administrator/includes/framework.php) [function.require-once]: failed to open stream: Permission denied in /var/www/administrator/index.php on line 22
Fatal error: require_once() [function.require]: Failed opening required '/var/www/administrator/includes/framework.php' (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/administrator/index.php on line 22
Any Ideas what is causing this ? I have now put it back to J1.5.5 and left the site offline.
thanks in advance
Can you paste a chunk from the top of your index.php? It is is including a file that's not in the right place.
The permissions on '/var/www/administrator/includes/framework.php' are incorrect, make sure your webserver can read/execute the file. Or the file is misisng/corrupt.
Its definately permissions,,,, Im not FTPing the files , It is running on a Ubuntu server and the files Im copying accross do not have the correct permissions set.
Ill have a go at changing the permissions and get back ,
thanks for the prompt replies.
Ok changing some permissions now allows me in the backend ,,, the front is giving other permission problems.
Is there a way I can set all the permissions correctly via terminal on the Ubuntu server so I dont have to change these files individually ( Im a total Linux newbie ).
Quick way would be at www go up a level and type chmod -R 755 <foldername> you could then change permissions for files and folders that need other permissions individually.
Slightly related, I'm running version 1.5.3 of the package. I take it that I am fine to upgrade to the latest version from the Joomla site?
Yes and I would update ASAP!
Everything is working fine now -- thanks for the replies. The site is now running 1.5.8 -- just need to check all the file permissions but all seems good.
I will do it tonight when I get home. It's on a private development server which nobody knows the address of so I think I'm alright to wait until this evening.
Originally Posted by SYSMAN_MK