Joomla emergency
services
Emergency (SOS) support
- Virtuemart, J2store, Joomshopping webshop systems SOS bug fixing
- Joomla immediate bug fixing
- Solving email problems
- Email block list recovery due to SPAM, email setup
- Debugging and fixing a slow Joomla system
Quick database debugging
- Debugging data consistency, DB "cleaning"
- Immediate fix for database problems, user access level settings
- Fixing error messages, anomalies after extension installations
Immediate Search Console bug fixing
- Exploring and eliminating the causes of Core Web Vitals error reporting
- Superfast elimination of AMPhtml errors
- Product microdata, search console bug fixes
- Finding out and fixing the reasons of ranking drops
Hacked Joomla
recovery
Quick elimination of vulnerabilities
- Finding and removing malicious code lines
- Exploring and eliminating the mode of attack
- Virus removal of hacked website
Preventive protection measures
- Preparing for further possible attacks on the site
- Introduction of safety measures
- Search Console management in order to avoid the site's ranking drop in SERP
Immediate Joomla CMS recovery
As part of our immediate bug fixing service, we will begin to fix or restore the damaged, malfunctioning or even broken Joomla website.
In extreme cases, virus removal and even a complete reinstallation are required. Then, after removing the virus, we move the content and settings of the page into a new, clean, virus-free Joomla.
Emergency bug fixing step by step
01 Give us a call in business hours (+36 20-543-08-10) or write a message to us anytime!
02Send us your website link and your access data. You can send anything that is available, but first of all, we will need a CPanel access. This is the email you received from your hosting provider after you signed up and this includes your passwords as well. If you don’t have it but you have an IT professional, he/she can call us, or you can give his/her phone number in your message and we’ll call him/her. If this is not possible, try searching your mail for the following words so you can hopefully find your provider: cpanel, ftp account, hosting package, hosting, customer gateway, fee request, error ticket.
03 We will estimate the situation. We provide a quick status report about what we’ve experienced, what we’ve seen, and how much the damage is. We will then send you a quick quote. If you find the price acceptable, we'll start the work.
04 We save what can be saved and restore what can be restored. We will consult with you or your colleagues during the intervention continually.
05Our crisis management extends to Google. We keep track of the Google Search Console (formerly Webmaster Tools), monitor for occuring errors, fix and report them to Google. This is important for search rankings, as a viral site is penalized by Google.
06 We analyze what happened and make suggestions on what preventive actions, software, services you should consider to apply to avoid any further shutdowns, attacks. (Eg firewall, hosting provider change, cloud, plugin change, 2FA, Anti-DDos services, etc.)
Joomla virus attack questions and answers
There are cases when immediate intervention is required to save a Joomla website. A website containing a virus or malware code is detected by search engine robots (Google, Bing, DuckDuckGo, etc.) and is not recommended or they even block it from being viewed by their users. If the compromising, harmful line of code on a webpage persists for several days, most search engines apply sanctions, penalties, and ranking drop .
Ranking drop can also happen if the website is damaged or contains incorrect data, does not display properly or does not work. In such cases, it is not worth delaying because even material damage or loss of income can happen from these serious mistakes.
Based on our experience in the case of smaller sites that are not administered on a daily basis, the search engine detects the presence of malicious code or suspicious redirects sooner than the site owner his/herself.
Anyhow, the owner will be aware of it in most cases, as he/she will sometimes "check" the page and if there's a Search Console account. It will indicate the problem. In most cases Search Console attack report can be useful as well. Once the bug is actually fixed, it is worth submitting it to Google on the correct form. With a quick bug fix, Google will remove the page from its own blacklist or not even take it to the list. Being on the blacklist would result removing the page from the results list by Google.
After troubleshooting the attack, it is recommended to monitor Search Console reports constantly, because if the attackers or attacking robots have infected something else too, it is easier to find out about it.
It is a legitimate question that who has an interest in attacking the website of a nonprofit children’s foundation for example? We can assume that a site like this does not contain sensitive data, but the site is clean and has a reputation that can come in very handy for hackers during a phishing attack. They are constantly looking for known IT bugs (low hanging fruits) with their software and if they'll have chance to intervene in order to take over the administration of the website, they will. Typically, this is also done by programs, they are automatically scanning for vulnerabilities.
When they find them, they upload a fake netbank login to the interface for example. Once this is done, they try to redirect visitors from other sites to this interface, which at first sight is the same as the usual banking interface. The passwords and IDs entered here will be passed on by the website to hackers, who will then take action manually. And this is carried out in a way that neither the site owner nor the visitor will notice.
It is even easier when they use a hacked website for spam or phishing mail, thus reduce its SEO value, as after a while the hacked website will be blacklisted (and as a result they will be removed from the results list). However, until this doesn't happen, it will be a valid email, so it will not go into spam. During this small amount of time, many kinds of scams, many thousands of letters can be sent out.
In addition, there are many ways to use a well-functioned website, webshop, for covering another attack or to serve it directly. That’s why robots aren't sorting whether to hack a nonprofit website or a simple blog.
Of course, they can. Just as they can attack the system that Joomla is running on (PHP environment, CentOS, Cpanel, Webmint, etc.). As Wordpress is a much more common CMS than Joomla, (source: CMS statistics), there are more malicious codes for it, as the number of attacks is greater, the same attack interfaces may be available (unpatched) on multiple pages.
This will not make Wordpress worse or Joomla better, just the probability of hacking may be higher for Wordpress compared to Joomla.
- The page loads conspicuously slowly
- Going to certain menu items the site will redirect to other web addresses, unknown ads may appear, unknown pop-ups may appear
- Emails are sent to SPAM, ranking is suddenly dropped by search engines
- The browser warns you that the page contains malicious code
- The hosting company closes the site (their internal virus scan finds a virus)
- The site loads completely different content (e.g. bank login interface)
- The website displays strange error messages, typically around the footer
- Google Search Console sends a warning message
- IT Security Company will alert you by email and blacklist the page or certain parts of it
- There are new (admin) users in the database
- Update the CMS system constantly
- Do not use deprecated, not used extensions
- Install extensions only if they can be found in the JED or if their codes have been examined
- Keep Joomla plugins up to date
- Use up to date PHP environment, minimum over 7.4
- Use hosting programs where you can backup and restore easily (JetBackup, Softaculous, Installatron)
- Use strong passwords, strong user names, make them unique and do not use somewhere else
- Do not leave files zipped in public_html (e.g. adminisrator.zip etc.)
- If you can, use 2-step authentication on the backend (2FA)
- If possible, serve all JS, CSS, fonts, images from your own server
- Monitor error logs occassionally and folder permission reports in Joomla system information
- When updating, check what's in the patch, and find out what's new in Joomla news
- If you have changed a user with Webmaster / Administrator access level, delete the old user
- Check Joomla ACL report from time to time
- Use a ReCaptcha service if you enable user registration
- Remove the Joomla Generator meta tag from the page with a plugin
Contact us
for fixing Joomla!