romolo
Friend
Hi,
One of our clients sites using the JA Bookshop has been infected.
Unfortunately I can’t send a link to the site at the moment as we have had to disable it.
Is there anything that you are aware of in the template (or quickstart) which could cause the site to get infected?
Please advise.
Thank you
Pankaj Sharma
Moderator
Hi
I am not sure what kind of infection on site and file, I suggest you to check the site path and then u can go for replacing the file .
Also, you have to take a full backup of the site before replacing the infected files on the site .
romolo
Friend
Hi @pankaj Sharma,
Thank you for your response.
PHP scripts have been injected throughout the site, in numerous directories. The scripts were sending out thousands of spam emails to fake Polish email addresses.
We have a backup of the site prior to the infection, however when we reinstate this clean backup, the site becomes infected again… Which would suggest there’s a bad plugin/component allowing access to the site. We have updated Joomla to the latest version, but still no joy.
Any advice would be greatly appreciated.
Thanks
Pankaj Sharma
Moderator
Hi
You have to find the infected file on your site and remove them manually , maybe you can get the details from your hosting provider on this and remove the infected files .
Also i suggest you to use Security extension on your site for future safety . You can find the extension on Joomla extension directory .
This topic contains 3 replies, has 2 voices, and was last updated by Pankaj Sharma 7 years, 8 months ago.
We moved to new unified forum. Please post all new support queries in our New Forum
