Post-Hack Cleanup and Server Migration

7 posts by 2 authors in: Forums > CMS Builder
Last Post: August 21, 2015   (RSS)

Hi!

I'm trying to clean up my CMS Builder install on my web server after a hack. I am moving to a new web server too, as I believe the cause of the hack was partially due to improper permissions and poor setup of the old server (which I inherited). I have taken a backup of the database, both through phpmyadmin and the CMS built in backup. 

I have uploaded a fresh copy of the cms builder admin folder and uploaded my sanitized files from the rest of the old site. I also put the database backup taken using the cms into the data folder in the fresh admin folder. When I follow the install instructions and go to admin.php, I can enter all the required information, sql info and  then pick the database to restore. Upon clicking restore it goes to the login screen.

I am able to log in with my old credentials, and I can see the other users listed too, so it looks like the database restore worked. However none of the buttons down the left side that I am used to seeing appear. If I try to get to the main page I get an error stating: 

getRecords(homepage): Couldn't load schema for 'homepage’!

I'm not sure what is going on. Perhaps I have cleaned off too much code? I removed some lines that has open php tags, a bunch of random characters and then a close php tag. There were also some lines of php containing stripslashes commands at the top of several files that I removed. Oddly, there are references in my files to other CMS installs I have. A $dirsToCheck variable at the top of the index.php for this site points to a non-existent directory named after an existing CMS install, which seems odd.

Please let me know what other information I can provide to help find and answer,

Thank you!

By ross - August 19, 2015

Hi there.

Thanks for posting. Sorry to hear about the site hack.  Have you read through our support document on hacked sites:

http://www.interactivetools.com/docs/cmsbuilder/how_to_restore_hacked_sites.html

It has a lot of great information on getting things cleaned up and running again.  It actually sounds like you've done most of it already and I still recommend having a read.

To specifically get the links down the left side of your page back, you'll need to go into your backups from the old server and find the /cmsAdmin/data/schema folder and upload all those files to your new server. You'll want to have a quick look through to make sure malicious code hasn't been added to these files either.  

After uploading, log into CMS Builder again and click through to Admin -> Section Editor.  

You should now have all your links back.

Give this a shot and let me know how you make out.

Thanks!

-----------------------------------------------------------
Cheers,
Ross Fairbairn - Consulting
consulting@interactivetools.com

Hire me! Save time by getting our experts to help with your project.
Template changes, advanced features, full integration, whatever you
need. Whether you need one hour or fifty, get it done fast with
Priority Consulting: http://www.interactivetools.com/consulting/

By ross - August 20, 2015

Hi Jacob

Glad to hear everything is up and running again.

With permissions for your files and folders, I find letting the server give them all default permissions usually works best.  Basically, if the site is running and CMS Builder works, I don't change any permissions.

I do find that files usually get 644 and folders get 755 though so it sounds like your server is giving standard permissions by default anyway.

Keep us up to date with how you are making out.

Thanks!

-----------------------------------------------------------
Cheers,
Ross Fairbairn - Consulting
consulting@interactivetools.com

Hire me! Save time by getting our experts to help with your project.
Template changes, advanced features, full integration, whatever you
need. Whether you need one hour or fifty, get it done fast with
Priority Consulting: http://www.interactivetools.com/consulting/

Hi Ross,

Thanks for the tips about the permissions.

I've hit another problem migrating another hacked cms site (I have 3 total :/). I have cleaned up the files, and moved them over to the new server. Trying to get to the admin login give me this error:

loadINI: syntax error, unexpected '(' in **PATHHIDDEN**/cmsAdmin/data/schema/about_header.ini.php on line 2

To be clear, **PATHHIDDEN** is not what the actual message says there.

The about_header.ini.php file looks like this:

<?php

 /* This is a PHP data file */ if (!@$LOADSTRUCT) { die("This is not a program file."); }

return array (

  'menuName' => 'About',

  'menuOrder' => '5',

  'menuType' => 'menugroup',

);

?>

What might be doing that?

Thanks,

Jacob

By ross - August 21, 2015

Hi Jacob

We'll need to take a closer look at that one. Could you send in a support request:

https://www.interactivetools.com/support/email_support_form.php

If you mention this post in the comments of the request, I can update the thread when we figure it out.

Thanks!

-----------------------------------------------------------
Cheers,
Ross Fairbairn - Consulting
consulting@interactivetools.com

Hire me! Save time by getting our experts to help with your project.
Template changes, advanced features, full integration, whatever you
need. Whether you need one hour or fifty, get it done fast with
Priority Consulting: http://www.interactivetools.com/consulting/

By ross - August 21, 2015

Hi Jacob

We'll need to take a closer look at that one. Could you send in a support request:

https://www.interactivetools.com/support/email_support_form.php

If you mention this post in the comments of the request, I can update the thread when we figure it out.

Thanks!

-----------------------------------------------------------
Cheers,
Ross Fairbairn - Consulting
consulting@interactivetools.com

Hire me! Save time by getting our experts to help with your project.
Template changes, advanced features, full integration, whatever you
need. Whether you need one hour or fifty, get it done fast with
Priority Consulting: http://www.interactivetools.com/consulting/