raymon Posted March 18, 2015 Share Posted March 18, 2015 I have strong reasons to believe that when my site got hacked bogus files were put in whmcs that I have no way of knowing if they are true whmcs files or trojan files meant to access whmcs and my website's files. As a result, I am hoping to just delete all my files and reinstall whmcs from scratch to have fresh files in the folder but keep my existing database and all client information ... etc. What is the best way to do that? Ray 1 Quote Link to comment Share on other sites More sharing options...
Kian Posted March 18, 2015 Share Posted March 18, 2015 Backup your database. Save your templates (.tpl files shouldn't be a problem). If necessary also save includes/additionaldomainfields.php, includes/whoisservers.php and all content of includes/hooks directory. In case you have custom pages you also need to backup all your custom .php files in the root of your WHMCS. If possible open them just to ensure that there's nothing wrong inside. Remember to backup your server modules, addon modules, registrar modules and payment gateways if you have installed additional ones. Install a new WHMCS and once finished import your old database. Keep in mind that the version of the newly installed WHMCS should match the version of the old one. And now the most important part. Since you suspect that you've been compromised, do not use your old $cc_encryption_hash of your configuration.php file. Just use the new one but you'll be forced to regenerate all password p.s. Wait for more suggestion since I wrote this post very quicky and probably I missed something. p.p.s. Meanwhile you could try to perform a scan with softwares like Malwarebytes. I know that it might sound strange but most of times they can detect web-based trojans and rootkits. 0 Quote Link to comment Share on other sites More sharing options...
merlinpa1969 Posted March 18, 2015 Share Posted March 18, 2015 Download the files, use beyond compare to do a folder/file compare between your files and a STOCK copy of same version remember to set rules to compare files and versions That way you will KNOW if your files were modified/added you can go from there 0 Quote Link to comment Share on other sites More sharing options...
blakeh Posted March 19, 2015 Share Posted March 19, 2015 I am trying to do the same thing for similar reasons. My old install couldn't upgrade for some reason. I was going to do new install of files, but not run setup yet. Then restore DB, edit config files for db access, replace needed files and hope the new files would see old db version and do update on first run. Sound good? 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.