So straight to the point- Im trying to clean my host entirely (databases too) and after I delete the last 2 files wp-content and wp-includes (700MB of files) they get restored instantly. This may be a simple question but for me it s very odd and I don`t get it. Besides file-manager i used Filezilla too and the same thing happens(my hosting company as it su#%$ failed to give me a reply after 48h).
I have recorded a short video of my problem to help you better understand my issue.
https://www.youtube.com/watch?v=wqL35R0-vvw&feature=youtu.be
Hope you`ll be able to help me. Thank You !
I`m working on this website for an NGO after it was hacked and for now I want to wipe every single file from the server and rebuild it but those files which have inside infected pages(php scripts) wont get deleted
Chances are very good some of those files are owned by the webserver, especially if you were compromised via a WordPress vulnerability. As they're owned by the webserver and not your user, you're unable to delete them.
If you have root/sudo access, you can use that on the command-line to remove them. If you don't, you'll need your host to help.
Related
My site is messed up and I am trying to fix it, and regardless of it I get help, it is going to take awhile likely, and it's really important that my site be live, even if it's a crappy version with just the articles and no template.
Would it not work to make a backup of the database, install Joomla fresh (the same version) and connect it to that duplicate database (then point my domain there) and then go back to working on fixing the current site that is live now? Are there any issues I should know about going in? There's a good chance the issues are related to the template or extensions (at least my understanding so far, see my other post for details on the issue) so I would think it would be faster to do this to get a working site rather than trying to turn off and on each extension, especially when I have to do it manually (and I don't know how yet) as I can't access the backend.
If this will work, do I choose the database when I install or just install empty and then change what database it connects to or do i install empty and import the tables (and how)? Still have to figure out if I can make a clone of the database and not all the files as it takes hours.
Thanks for the help, and if I should have appended this to the other post I apologize, but I figured its a separate issue.
First, ensure you have backups of both the files and the database. Then make a local copy of your site where you will work later.
The infection may lie:
in the Joomla core files, with extra content (which is usually fairly easy to spot, for example an eval of a large base64-encoded variable);
in extra files (keep in mind that even images could contain malicious code), these would be usually triggered outside of Joomla for spamming or other nefarious purposes
in the database content.
Fix:
Apply a fresh Joomla update package over your site; you will only fix n.1 above. This may restore some functionality for the first hour of survival.
Analyse the logs, and try to figure out how they got in. You need to step up security as obviously what you have is not enough.
Install a fresh Joomla, add all extensions that your site uses, copy the images folder, then connect it to a copy of the compromised database. This will fix n.1 and 2 above (as you got rid of any extra files). This may survive until they figure out you fixed it; but if you haven't patched your security, they will hack into your site again. Keep a copy of this, and restore as needed as you proceed with the following step.
Export the db to sql format (mysqldump or phpmyadmin may come in handy), then search for any xss traces, php code, javascripts that may have been injected. Since a complete control could take days, and assuming the malicious code links elsewhere, look for strings such as "https://" and "http://"; escape / as \/ and \\\/ to account for json-encoded data as well.
Once the db is clean, your local copy is reasonably safe; update all extensions and Joomla, and use it to restore the website until you fix your security.
It might work, i mean cloning the DB as far as joomla version is the same. It won't break like that, but may fail if files for extensions are not found. This is somewhat wrong, the question is how many extensions you are using and how much cleansing you need.
On the other side you mention that the site should be 'live'. Just do everything on localhost, test, fix templates, etc. Then if you're sure you're done, use akeeba backup and deploy new version to your server without long delays.
Any kind of cleansing needs some start.
You can clean the site while live, depends on complexity.
Clean might be done offline and deployed.
Sometimes import/export custom routines are needed, so you have to make own tools for everything. It occurs with large data, like when people used to made mess inside images folder or something like that.
4 ...
It's pointless to make copies of DB. You install the same version of Joomla on your local server, then you install the same template, you copy styles etc.
Then you import data with your own tools or paid ones. Estimated time is from few hours to few days, it's just data :)
Currently i'm using latest version of cakephp,When i try to install it it shows the error as temp folder is not re writable.
OK it is fine we can give ch-mod rewrite permission to that particular folder. But there is a reason behind everything.
I tried to find why should we give to it , and what is the reason behind that but i can't get the answer clearly , so i'm expecting it from you , can anyone help me to understand, thanks in advance...
You’re asking why a tmp folder needs write access? Well, if you look in the folder, there are sub-folders for caching, logging, session, and tests if you run them.
CakePHP needs write access so it can write cache file, write any errors logs, write sessions to disk if you’ve configured CakePHP to save session data in your tmp folder.
I’m not sure how to explain this any clearer than, CakePHP needs write access to the tmp folder to, erm, write files.
Documentation says:
Make sure that this folder exists and that it is writable, otherwise the performance of your application will be severely impacted. In debug mode, CakePHP will warn you if it is not the case.
See: http://book.cakephp.org/2.0/en/getting-started/cakephp-folder-structure.html
I have this kind of problem. I have created a web application and I am going to run it on a dedicated server. Users will be able to upload photos and other kind of files. If the users increase I add another server.
So they become two like in the picture below. Now since the files are being uploaded to my applications root folder, I think the new server won't be able to read those files. How can I accomplish to store files in a way that whatever server a user will be connecting to he will be able to retrieve the file. How are the cheaper computers (small ones in the ring) connected so that they store files like one big drive with one giant folder such that whenever I want to increase storage I just add another cheap computer to the ring. What do I need to search for in the web?
please pardon me for my poor English. I had asked a similar question before but nobody answered so I thought the photo might help. I am willing to learn anything new to solve this problem. my other earlier question
i am trying to figure this out for a long time now, but so far no luck, maybe somebody can help me.
I have a 2.2.2 cakephp installed on my computer (localhost) and everything works perfectly. But now i want that same project to be online on remote server. I upload everything, set mysql path but i get a blank page when trying to access the site.
If i upload a fresh cakephp it works, but my project doesnt. The debug is set to default, think that should be 2? I also deleted files in cache/tmp, but still no errors or anything, just blank page.
Any info would be helpful, thank you.
I hate when that happens :). Usually it does if there is an error somewhere and you can't see it because the errors are turned off, so you should call phpinfo() and see if display_errors is on. Changing the debug mode doesn't work every time since display_errors is set from php.ini.
Unfortunately, if this is the problem and you don't have access to edit the php.ini file, you might need to ask the hosting provider to change it and restart the php service.
You can also try this: error_reporting(E_ALL)
I uploaded changes to my cakephp website and discovered that all actions for a particular controller returned a blank page. I discovered what the error was and was able to reproduce it with another controller.
The problem was that in the first line of my controller file I had a space before the opening php tag.
One space cost me hours.
Just uploading all files won't cut it. Make sure you work through this checklist:
First and foremost, check the error log file located under app/tmp/logs/error.log, this usually holds some very good pointers as to what is wrong.
Make sure you have uploaded the app/Config/database.php file with the proper details. Local installs usually have user root without password. Online servers (obviously) do not!
To that extent, also make sure you actually have a database with your hosting provider (either your host sent you the info or you need to create it yourself using their control panel).
Make sure you also uploaded all .htaccess files (the one under the root directory and /app and /app/webroot), some FTP programs don't show this "hidden" file by default.
If all else fails, contact your hosting provider for further support as they usually have access to more verbose server logs that can also hold clues.
The real problem was only the coding I used in notepad++. All my files were encoded with UTF-8, but they should have been UTF-8 without BOM. After I changed it to UTF-8 withot BOM, everything started to work perfectly.
I have been working on a system to push changes from my git repository to a live site. The issue is that on my local box (where only I have access) I leave db credentials defaults; but I don't want them to be defaults on the web.
What would be the best solution to have a few files that are only located on each development computer, and are never uploaded/committed, etc. I was thinking of throwing in an example file if anyone clones it down, that way they'd know how to create the real credentials file.
I'm pretty new to git, and so I don't think I have the experience to really come up with a good solution for this, so any help would be great.
Thanks,
Max
Your idea of committing an examples file and then not actually tracking the real file is a good one.
Just put the name of the real file in .gitignore so that no one will add it by accident.