By craig-al on

Hi all,

I am a beginner at Drupal and have not worked my way around it yet. It seems one site I work with has been hacked and I am not sure on the steps to follow to clear it up.

I have worked with Joomla and Wordpress so I know how a CMS works just not this particular one.

There seems to be a shell of some sort that displays every now and then on all pages. Is this the site that is compromised or the server? What steps can I follow to clear this up?

The site in question is http://www.courses.co.za/

Thanks for any advice!

Categories: Drupal 7.x

Comments

vijaythummar’s picture

vijaythummar commented

Check this thread:

https://www.drupal.org/node/2377743

also you should scan your code and remove maliciouscode.

Thanks,
Vijay Thummar

craig-al’s picture

craig-al commented

Thanks, I will check that thread out.

I did scan the code but it isn't bringing up anything.