Generally, backup is something you need to breathe, not just use, if you are in this business. It's the number one security tool. Having a fresh and usable backup can be a life saver in a number of situations, not only when your site is hacked, but on a great number of other situation, beginning from human error (accidentally deleted key parts of site - or just forgot to pay your hosting bill) to situations out of your control, as a hardware/software failure. And is essential to have an easy to use tool to move your site around - from local development environment to live hosting, or from one server to another. Enter Akeeba Backup (former Joomla Pack), a must have tool for any Joomla webmaster.
Baba Yaga is an entity that haunts the dreams of children and a common threat that parents use when their children misbehave in Slavic countries across Eastern Europe.
But in the world of malware, BabaYaga is a form of malware that can update itself, use antivirus functionality and more. Much like the mythical creature, BabaYaga malware has the potential to haunt Joomla/WordPress or, in fact any PHP site administrators and IT support staff.
Change your database password while having no downtime
Changing your database password is something you rarely need, but then you need it immediately, and with the lowest possible downtime. Why you should do that, in first time? Hm, there are many reasons/situations when you should consider changing your database access data ASAP:
- You just got hacked
- You have decided to end the business with your current developer, and you aren't sure that he's a trustable person
- You have a good habit of changing all your passwords regularly
Clean Hacked Website Files
By comparing infected files with known good files (from official sources or reliably clean backups) you can identify and remove malicious changes.
To manually remove a malware infection from your Joomla! files:
Log into your server via SFTP or SSH.
Create a backup of the site files before making changes.
Search your files for reference to malicious domains or payloads you noted.
Identify recently changed files and confirm whether they are legitimate.
Review files flagged by the diff command during the core file integrity check.
Restore or compare suspicious files with clean backups or official sources.
Remove any suspicious or unfamiliar code from your custom files.
Test to verify the site is still operational after changes.
If you can't find the malicious content, try searching the web for malicious content, payloads, and domain names that you found in the first step. Chances are that someone else has already figured out how those domain names are involved in the hack you are attempting to clean.
Diff tools to compare suspicious files with known-good copies:
Did you upgraded to Joomla 1.0.13 and now you can't login?
Do you are an early adopter and you upgraded to Joomla 1.0.13? And you have Community Builder, VirtueMart or SMF Bridge...and you cant' login right now, and/or your users are complaining about the same problem. We're sorry for you... Do you have a backup? Then is simple, restore the Joomla 1.0.12 files, overwriting the actual files with those from the official distribution package and restore the jos_users or similar (or at least the passwords column from that).
Do you have backup, don't you? No??? Ouch... humm, then the job is a bit harder, but can be done!
So, still you can do the file restore? Good, do it. Then read below!
- Joomla Custom Fields Part Deux! with Marc Dechèvre - ???? Watch Me Work 056
- Learn Joomla 4 Power Tips - Upgrading to Joomla 4
Virtual spring cleaning for your Joomla sites
Websites take maintenance, and making a habit of performing a little spring cleaning each year can keep a business website running smoothly. The tips below does not apply for Joomla sites alone, any site can benefit from most of these tricks and tips.