cancel
Showing results for 
Search instead for 
Did you mean: 

Our website has been hacked

Our website has been hacked

Our website has been hacked and we can't access the Magento admin platform. I've contacted support, but was told "you are using the Community Edition of Magento, we do not offer support"... Can anyone suggest anything? Would appreciate your assistance. 

5 REPLIES

Re: Our website has been hacked

Hi @mosheshalchon,

 

Do you have access to the server/database? You could follow the below steps to update the password manually: 

  Magento 1.9 and older versions

To reset the administrator password directly in Magento 1.9 and older versions, follow these steps:

  1. Log in to cPanel.
    If you do not know how to log in to your cPanel account, please see this article.
  2. In the Databases section of the cPanel home screen, click phpMyAdmin.
  3. In the left-hand pane of phpMyAdmin, click the Magento database. A list of tables in the database appears.
    Typically, the Magento database is username_mageXXX, where usernamerepresents your cPanel username, and XXX is a three-digit number.
  4. On the top menu bar, click SQL.
  5. Copy and paste the following statement into the SQL query text box. ReplaceNewPassword with the new password, and replace both occurrences of xx with any random two-character sequence:
    UPDATE admin_user SET password = CONCAT(MD5('xxNewPassword'), ':xx') WHERE username = 'admin';
    • This command assumes that you want to change the password for theadmin user account. To change the password for another account, change the username field to the correct value.
    • The xx two-character sequence is a cryptographic salt. It can be anything you want, but make sure you use the same value in both parts of the SQL statement.
    • If your Magento installation uses table prefixes, make sure you add it to the table name. For example, if your Magento table prefix is mg_, you would type the following command instead:
      UPDATE mg_admin_user SET password = CONCAT(MD5('xxNewPassword'), ':xx') WHERE username = 'admin';
  6. Click Go. phpMyAdmin updates the database, and you can log in to Magento as the administrator using the new password.

Taken from: https://www.a2hosting.com/kb/installable-applications/optimization-and-configuration/magento1/resett...

Problem solved? Click Accept as Solution!
Follow me on twitter:@RebeccaBrocton | wearejh.com

Re: Our website has been hacked

Thanks Rebecca, a hostgator rep was able to change the password and actually log into our admin. The weird part is we're unable to log in (5 different people from different computers tried), we keep being redirected to the home page.  Any thoughts? 

Re: Our website has been hacked

Hi @mosheshalchon,

 

It might be worth checking your local.xml to see if your admin url has been changed. 

 

In app/etc/local.xml look for this: 

        <adminhtml>
            <args>
                <frontName><![CDATA[admin]]></frontName>
            </args>
        </adminhtml>

You may find  [admin] has been changed to something else.

 

Also in your database check the core_config_data table for what is in the secure & unsecure base_url fields

 

 

Problem solved? Click Accept as Solution!
Follow me on twitter:@RebeccaBrocton | wearejh.com

Re: Our website has been hacked

scan all your files and database

------------
MagenX - Magento and Server optimization

Re: Our website has been hacked

If you are not able to login to your admin panel, please consider reviewing the following values on the core_config_data table:

 

  • web/cookie/cookie_domain: Check that the cookie domain is equal to your base URL. You can also empty its value.

  • Set the following values to 0:
    web/cookie/cookie_httponly
    web/session/use_remote_addr
    web/session/use_http_via
    web/session/use_http_x_forwarded_for
    web/session/use_http_user_agent

After that, clear the cache and session folders on your Magento installation and try again.

 

If my answer was useful, please give "Kudos" to this post.
If my answer helps you to resolve the problem, click on "Accept as Solution".