Someone hacking into index.php1 user found helpful
The database password has been changed and the password to the server has been changed. I am contacting the web host to help resolve the issue as well.
I am wondering if anyone else has run across this issue and how you resolved it.
I could change all my passwords, but I feel there were several that were already close to bullet proof passwords (I say close to bullet proof, because I am guessing that all passwords can be hacked.... if the hacker has the time to keep trying.)
Thanks for any help you can give.
Now I need to plug up the holes in the site access.
Thanks for your help.
I know this is an old thread, but I'm experiencing this problem for the first time and pretty new (completely new) to programming, web management, so thanks for the help!
I've been able to go in and find the index.php and the dispatcher.php file and remove the code manually, but it looks like the [eval(debug] code is in EVERY ONE of the php files on my site.
How do I mass-remove this code? Is there a quick fix that I won't mess up or are we best off trying to hire someone to fix this? What's our best option?
Thanks a bunch,
If you have that many files that are corrupt I would think it would be best to restore from a recent back up. Does your host do automatic backups?
The next is just a brain storm idea and someone might come in and tell you this is a bad idea because certain files site specific settings (mysql settings, passwords, concrete5 community connections, info about the addons you have installed...) Another option is to install a second copy but same version of concrete5 in a sub-domain (sub-folder), then copy over the php files. Maybe someone can tell you what php files you should not copy over and need special attention.
I've done a check of the php files and index.php is infected, and it appears that all the php files contain this "header" insertion.
I'm not sure my hoster has a recent back up and if not then I suspect I have to do a lot of editing on all the .php files
Any suggestions on a better solution. (I know, backups, backups)