- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Our website has been hacked
Our website has been hacked and we can't access the Magento admin platform. I've contacted support, but was told "you are using the Community Edition of Magento, we do not offer support"... Can anyone suggest anything? Would appreciate your assistance.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Our website has been hacked
Hi @mosheshalchon,
Do you have access to the server/database? You could follow the below steps to update the password manually:
Magento 1.9 and older versions
To reset the administrator password directly in Magento 1.9 and older versions, follow these steps:
- Log in to cPanel.If you do not know how to log in to your cPanel account, please see this article.
- In the Databases section of the cPanel home screen, click phpMyAdmin.
- In the left-hand pane of phpMyAdmin, click the Magento database. A list of tables in the database appears.Typically, the Magento database is username_mageXXX, where usernamerepresents your cPanel username, and XXX is a three-digit number.
- On the top menu bar, click SQL.
- Copy and paste the following statement into the SQL query text box. ReplaceNewPassword with the new password, and replace both occurrences of xx with any random two-character sequence:
UPDATE admin_user SET password = CONCAT(MD5('xxNewPassword'), ':xx') WHERE username = 'admin';
- This command assumes that you want to change the password for theadmin user account. To change the password for another account, change the username field to the correct value.
- The xx two-character sequence is a cryptographic salt. It can be anything you want, but make sure you use the same value in both parts of the SQL statement.
- If your Magento installation uses table prefixes, make sure you add it to the table name. For example, if your Magento table prefix is mg_, you would type the following command instead:
UPDATE mg_admin_user SET password = CONCAT(MD5('xxNewPassword'), ':xx') WHERE username = 'admin';
- Click Go. phpMyAdmin updates the database, and you can log in to Magento as the administrator using the new password.
Taken from: https://www.a2hosting.com/kb/installable-applications/optimization-and-configuration/magento1/resett...
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Our website has been hacked
Thanks Rebecca, a hostgator rep was able to change the password and actually log into our admin. The weird part is we're unable to log in (5 different people from different computers tried), we keep being redirected to the home page. Any thoughts?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Our website has been hacked
Hi @mosheshalchon,
It might be worth checking your local.xml to see if your admin url has been changed.
In app/etc/local.xml look for this:
<adminhtml> <args> <frontName><![CDATA[admin]]></frontName> </args> </adminhtml>
You may find [admin] has been changed to something else.
Also in your database check the core_config_data table for what is in the secure & unsecure base_url fields
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Our website has been hacked
scan all your files and database
MagenX - Magento and Server optimization
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Our website has been hacked
If you are not able to login to your admin panel, please consider reviewing the following values on the core_config_data table:
- web/cookie/cookie_domain: Check that the cookie domain is equal to your base URL. You can also empty its value.
- Set the following values to 0:
web/cookie/cookie_httponly
web/session/use_remote_addr
web/session/use_http_via
web/session/use_http_x_forwarded_for
web/session/use_http_user_agent
After that, clear the cache and session folders on your Magento installation and try again.