what to do when your joomla site is hacked?

  1. Check for a backdoor:
  2. -Access your site using ftp.
    -Check for the latest folder and files that have been changed. Are there any index.php files that have recently been changed?

  3. Check if the database has been corrupted. Check for Java Script and new user registration, their rights…
  4. Get the server logs to see what technic was used and which component is involved.
  5. Clean up, upadte the components and reopen the site (ftp site / 705)