Site Hacked

[tallone]

Hi,
I am using an old version of Elxis  Version: $Id: version.php 1080 2006-12-04
and until now I did not have a problem.
However a few days before some hacker (goy hacker) hacked the site.
I replaced index.php with one I had from backup and the site is working. But for how long though?
Some malicious script is probably still there in some of my files.
1) Is there a way to get rid off the problem and secure the site?
2)It might be time to transfer to a new release of Elxis. Can I tranfer from my old version to a new one?


Thank you

[ks-net]

GREEKLISH!!!

please fix that edit your post.. here only english  or post to greek forum!


is elxis version 2006?

[datahell]

Elxis 2006.x is not update-able... It is a very old release. You can install Elxis 2009.3 is a subdomain or in a subfolder and start building your site there (copy articles from one site to the other, etc). When ready move the new site to the old ones position.

Search for files that were modified in the last 1-2 days to find the infected files. Here is a sample how-to (requires ssh access).

cd /elxis/root/path
find . -type f -mtime -2

You can alternatively use the updiag tool in elxis administration. It will inform you about the files that are not in their original state and need to be updated/restored.

[tallone]

I suppose I can build the site in my pc (localhost ) first and upload it later.
Are there any critical things I need to pay attention when uploading the site from my pc to a remote server,
in order for the site to work properly and not to have any security holes?