This guide has worked for me on every recovery process i’ve performed. It’s intention is to guide a Joomla administrator to recover a hacked Joomla site WITHOUT a previous cleaned backup. I assume that the reader has installed WAMP server or a similar solution in a local machine, knows how to install and move Joomla sites and has basic knowledge of any database administrator tool like phpMyAdmin.

Here is the step by step guide on how to recover a Joomla site:

Every Website or Web application published today on the internet is exposed to being attacked and be a victim of a hacker. No website is too small to be a target, nowadays, the best strategy you can follow is to be sure that you will always have at least a recent full backup of your data to prevent data loss in case your server is compromised and to implement a set of measures that stop known attacks to reduce the probability of being victim of a hacker. If your site contain sensible data from you or your clients, then you need  to take extra precautions.

Here is a basic checklist with tips and advice for protecting your Joomla website:

Why is so important?

Joomla’s team works very hard to keep Joomla free from vulnerabilities, but when it comes to third party extensions, a simple bad decision at the beginning of your project can turn into a nightmare later.

Just to give you an example, i worked on a Joomla upgrade project for an online Scientists magazine website from the Office of science and Technology for an embassy in Washington.

They were stuck with an old extension that controlled the magazine content. With support discontinued from the developer, the site was trapped on the Joomla 1.5.x series and the attacks started quickly.