• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.3 All PHP files in installation has been overwritten, should I replace it with new Xenforo PHP files?


New member
Recently my site has been infected with malicious codes. All PHP files have been edited by the hacker. He added a bunch of codes to every single PHP file in my server, including Xenforo installation.
I have trouble with the backup and now I'm thinking the only possible solution apart from editing all PHP files one by one: replacing all PHP files with new ones I obtain from my fresh Xenforo installation folder.
Will be it safe and will there be any impacts on the forum's functionality?


XenForo moderator
Staff member
Uploading a fresh set of files is fine.

However, unless you have identified how the hacker gained access and made provisions to prevent it happening again, it may be a pointless exercise.


XenForo developer
Staff member
It's worth noting that you really should remove all of the old files first (not the data/ and internal_data/ directories). Uploading the new files will overwrite the old ones, but if a new file is uploaded, it wouldn't overwrite that.

Similarly, check to make sure that that nothing has been written into anywhere in the data/ directory specifically. This may be something your host needs to check, but you should really only see *.jpg files and (empty) index.html files.