De-hacking an already hacked Joomla website

Dean Marshall Consultancy's team of Joomla website experts understand web security.  You can rely on us to help you with your Joomla website's security.

Help - My Joomla Web Site Has Been Hacked

We have a vast array of experience when it comes to de-hacking Joomla websites or resurrecting your website from back-ups. If your Joomla website has been hacked then you need our help. We offer three main services for recovering a hacked website:

  • a) Restoring a site from a known good Joomla website back-up
  • b) Cleansing a hacked site in-situ
  • c) Full clean rebuild of site's files

Restoring a web site from a Joomla website backup

Having a reliable and thoroughly tested Joomla back-up routine is the ultimate protection against hackers (well, technically crackers, but that's another article).  Having a backup doesn't mean your website can't be hacked - but it does mean that in the event of a security incident you can delete everything (or move web hosting elsewhere) and have your site back up and running in minutes.

If your website has been hacked and you have a back-up - we can help get you up and running in a very speedy manner.

Cleansing a hacked Joomla site

Unfortunately it is all too common to find that hacked Joomla websites are operated by users who for whatever reason have no viable back-ups available to them.  Where a Joomla website is hacked and there is no usable back-up available, there are two ways to end up with a clean set of Joomla files complete with all of your add-ons but without any dropped files.

Method 1: Cleaning out the hacker files from a Joomla site

Put simply - examine the files and folders within the system - removing anything that doesn't belong, or that has been tampered with.  Whilst this sounds simple - in truth it is anything but. Joomla is built from thousands of files in many folders and sub-folders. Most sites have modified a number of their files and almost everyone has installed any number of the 4,000 or so Joomla extensions available.  Add to that the constantly changing array of possible threats and you can see that this process will require some level of automated scanning and some human intuitive snooping.  Whilst this is the quicker of the two methods it is somewhat less thorough than the more comprehensive 'full clean re-build'.

It goes without saying that this requires some considerable expertise and also a familiarity with Joomla in order to identify what definitely belongs versus suspicious files that hackers have left behind. When you see reports of Joomla sites being hacked time and again - it is invariably down to hacker files left behind creating back-doors which future hacking attacks will exploit.

Method 2: Full clean re-build of the Joomla site

Start with a basic Joomla installation, install all of the add-ons (components, modules, templates, and plugins) you utilise in your site. The next step is to delete all of the files from your current site (backing them up, just in case you need them). The major step is to put your clean new files into place on the site.  Finally - we have to carefully examine a select few files and folders from the original site (images, edited template files, etc) and place them into the newly rebuilt site.

From £ 250

In situ scanning and cleaning.

Whilst this product is priced to allow a certain degree of investigation of 'matters arising' it is obviously not as flexible in this regard as the more complete service listed below:

  • scan files for dropped hacker files
  • audit server's security settings and tighten
  • install 'hacker beware!' if supported by server

From £ 500     

Full rebuild and cleanse

This product is priced to allow for investigation of tangential issues:

  • start with new empty folders
  • add updated 'core' Joomla/Mambo CMS files
  • copy across components (checking for vulnerabilities/updates)
  • audit web server's security settings
  • install 'hacker beware!' if supported by server

© Copyright 2002-2011 Dean Marshall Consultancy Ltd - all rights reserved

CityLab, Dalton Square, Lancaster, Lancashire, LA1 1PP

We are a team of professional developers specialising in developing custom Joomla websites

Website design in Lancaster, Lancashire, Northwest England

We are members of W3C Sites XHTML valid website valid CSS website design WAI conformant website design

The Joomla!® name is used under a limited license from Open Source Matters in the United States and other countries. Dean Marshall Consultancy is not affiliated with, or endorsed by, Open Source Matters or the Joomla! Project.