• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

How to recover from a hack

#1
Can you recover from a hack? An admin's account was recently hacked and the hacker managed to delete user groups and a user.

Is there any way apart from manual backs ups to recover? I have stuff like the following in the logs

Code:
array(2) {
  ["redirect"] => string(43) "http://websitename/admin.php?user-groups/"
  ["execute"] => string(1) "1"
}

users/shock.2/delete
Generated By: Admin (31.215.205.188), Today at 5:20 PM
Request State
array(1) {
  ["_xfConfirm"] => string(1) "1"
}
 

Slavik

XenForo moderator
Staff member
#5
If you don't have a backup of your database, then realistically, no, theres not much chance of a data restore.
 

Sheratan

Well-known member
#7
Is there any way a hacker can change files on the filesystem using only admincp access?
If you are using same password for admincp and root server, then yes.

I advice everyone to use a different password for root server, admin server, xenforo admin account, database root, and xenforo database. And use a strong password combination. :)
 

Jeremy

Well-known member
#9
If you have add-ons that provide access to the file server, yes, other wise, it is entirely possible that the hack included server access and you haven't realized it.