XF 1.3 All PHP files in installation has been overwritten, should I replace it with new Xenforo PHP files?

ree7

New member
Recently my site has been infected with malicious codes. All PHP files have been edited by the hacker. He added a bunch of codes to every single PHP file in my server, including Xenforo installation.
I have trouble with the backup and now I'm thinking the only possible solution apart from editing all PHP files one by one: replacing all PHP files with new ones I obtain from my fresh Xenforo installation folder.
Will be it safe and will there be any impacts on the forum's functionality?
 

Brogan

XenForo moderator
Staff member
Uploading a fresh set of files is fine.

However, unless you have identified how the hacker gained access and made provisions to prevent it happening again, it may be a pointless exercise.
 

ree7

New member
Okay thanks. I am upgrading it now and have hired a web security service to take car of future hacks.
 

Mike

XenForo developer
Staff member
It's worth noting that you really should remove all of the old files first (not the data/ and internal_data/ directories). Uploading the new files will overwrite the old ones, but if a new file is uploaded, it wouldn't overwrite that.

Similarly, check to make sure that that nothing has been written into anywhere in the data/ directory specifically. This may be something your host needs to check, but you should really only see *.jpg files and (empty) index.html files.
 
Top