The other day i was just about to go see one of my clients to show them how to maintain their new Joomla! website when i thought i better check it to see if i had remembered everything. Good job i did because it had been hacked by some nice Turkish hackers. So for the next three hours or so i tried to find the files they had messed up and sort out the admin password which they had managed to change. I got everything back to normal and emailed my hosting company to see if they could shed any light on how they could have managed to hack in. They just had a bit of a whinge about me changing all my passwords and deleting all the Joomla! files and database and starting a fresh to make sure everything was secure again, but deleting all the Joomla! files and uploading them all again is a long and boring process.
After googling the topic i found out its actually quite a common occurrence with Joomla! sites, but one thing i couldn’t seem to find a clear answer to was how they did it and how to stop it. I’ve since removed the admin log-in from the frontend in case they managed to put some kind of SQL into it and that’s how they gained access but i really don’t know! Anyway i now have massive backups of all my Joomla! sites so next time i can just delete all files and stick the backup up instead. Nice and time consuming.