How to recover from a hack

Can you recover from a hack? An admin's account was recently hacked and the hacker managed to delete user groups and a user.

Is there any way apart from manual backs ups to recover? I have stuff like the following in the logs

array(2) {
  ["redirect"] => string(43) "http://websitename/admin.php?user-groups/"
  ["execute"] => string(1) "1"

Generated By: Admin (, Today at 5:20 PM
Request State
array(1) {
  ["_xfConfirm"] => string(1) "1"


XenForo moderator
Staff member
If you don't have a backup of your database, then realistically, no, theres not much chance of a data restore.


Well-known member
Is there any way a hacker can change files on the filesystem using only admincp access?
If you are using same password for admincp and root server, then yes.

I advice everyone to use a different password for root server, admin server, xenforo admin account, database root, and xenforo database. And use a strong password combination. :)


Well-known member
If you have add-ons that provide access to the file server, yes, other wise, it is entirely possible that the hack included server access and you haven't realized it.