XF 1.3 All PHP files in installation has been overwritten, should I replace it with new Xenforo PHP files?


New member
Recently my site has been infected with malicious codes. All PHP files have been edited by the hacker. He added a bunch of codes to every single PHP file in my server, including Xenforo installation.
I have trouble with the backup and now I'm thinking the only possible solution apart from editing all PHP files one by one: replacing all PHP files with new ones I obtain from my fresh Xenforo installation folder.
Will be it safe and will there be any impacts on the forum's functionality?


XenForo moderator
Staff member
Uploading a fresh set of files is fine.

However, unless you have identified how the hacker gained access and made provisions to prevent it happening again, it may be a pointless exercise.


New member
Okay thanks. I am upgrading it now and have hired a web security service to take car of future hacks.


XenForo developer
Staff member
It's worth noting that you really should remove all of the old files first (not the data/ and internal_data/ directories). Uploading the new files will overwrite the old ones, but if a new file is uploaded, it wouldn't overwrite that.

Similarly, check to make sure that that nothing has been written into anywhere in the data/ directory specifically. This may be something your host needs to check, but you should really only see *.jpg files and (empty) index.html files.