Hi guys,
On older versions of modx, my website was hacked. It was restored, fixed and updated. Now, it is a 404 not found page, I restored it to what it was, but again, it is a 404.
It updated to the latest version too. Can someone please help me, I am really becoming fed up of Modx!
www.gigipizzeria.com.au
Check your error log. Check your start_site setting, disable FURL and enable php errors.
The error page does not look like a MODX error page, but more like a standard server error page.
If that assumption is correct, it means MODX isnāt even being initialised, which could suggest the cleanup or the restoration wasnāt done correctly and certain requirements are missing (the root index.php, a configuration file, the databaseā¦) or have the wrong permissions.
What version of MODX were you using?
If youāre already in the fed up stage, and lack the experience to deal with restoring a hacked/broken site, it may also be worthwhile to consider bringing in paid assistance to help resolve it. The forum is great for generic help, but not always best suited for in-depth restorations like what you may need. Such services are offered by MODX LLC, modmore (*thatās me) and other MODX professionals may also offer similar services.
I canāt even access modx - Login | Gigi Pizzeria Newtown. Itās blank.
What are you talking about already in the fed up stage? One year ago almost all Modx sites were hacked and thus the need to MUST upgrade to MODX Revolution 2.6.5 was made public. Which I successfully, restored the database and cms, and was successfully able to upgrade.
We never had an issue since one month ago. When the website was like it is now. Dead!
So I successfully restored it, and upgraded it to version 2.7.1. And now, it is blank/404 again.
I canāt access the CMS!
Thatās the fed up stage I was referring to. 
So you were on 2.6.5 last time it worked and you tried to upgrade to 2.7.1 to restore it? Or it worked with 2.7.1 but broke after that?
Look at server error logs, and check core/cache/logs via ftp to see if anything is happening on the MODX side.
Thanks Mark, I just want to clarify the āalreadyā part. I have had, I believe, a lot of patience with modx, but it seems to have a lot of vulnerabilities.
After we were hacked, it was on 2.6.5 when it went blank last month. I restored it, then upgraded to 2.7.1. It worked for a couple of weeks, and is blank/404 again.
[2019-06-07 20:33:37] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 644) Could not load class: modUserProfile from mysql.moduserprofile.
[2019-06-07 20:33:37] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 762) modUserProfile::getSelectColumns() is not a valid static method.
[2019-06-07 20:33:37] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 644) Could not load class: modUserProfile from mysql.moduserprofile.
[2019-06-07 20:33:37] (ERROR @ /home/gigipizz/public_html/core/xpdo/om/xpdoobject.class.php : 543) Error 42S22 executing query: SELECT modUser.id AS modUser_id, modUser.username AS modUser_username, modUser.password AS modUser_password, modUser.cachepwd AS modUser_cachepwd, modUser.class_key AS modUser_class_key, modUser.active AS modUser_active, modUser.remote_key AS modUser_remote_key, modUser.remote_data AS modUser_remote_data, modUser.hash_class AS modUser_hash_class, modUser.salt AS modUser_salt, modUser.primary_group AS modUser_primary_group, modUser.session_stale AS modUser_session_stale, modUser.sudo AS modUser_sudo, modUser.createdon AS modUser_createdon, ``, UserSettings.user AS UserSettings_user, UserSettings.key AS UserSettings_key, UserSettings.value AS UserSettings_value, UserSettings.xtype AS UserSettings_xtype, UserSettings.namespace AS UserSettings_namespace, UserSettings.area AS UserSettings_area, UserSettings.editedon AS UserSettings_editedon FROM modx_users AS modUser LEFT JOIN modx_user_settings UserSettings ON modUser.id = UserSettings.user WHERE modUser.username = ? ORDER BY modUser.id ASC - Array
(
[0] => 42S22
[1] => 1054
[2] => Unknown column āā in āfield listā
)
[2019-06-07 20:33:43] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 644) Could not load class: modUserProfile from mysql.moduserprofile.
[2019-06-07 20:33:43] (ERROR @ /home/gigipizz/public_html/core/xpdo/om/xpdoobject.class.php : 240) Error 42S22 executing statement:
Array
(
[0] => 42S22
[1] => 1054
[2] => Unknown column āProfile.emailā in āfield listā
)
[2019-06-07 20:35:48] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 644) Could not load class: modUserProfile from mysql.moduserprofile.
[2019-06-07 20:35:48] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 762) modUserProfile::getSelectColumns() is not a valid static method.
[2019-06-07 20:35:48] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 644) Could not load class: modUserProfile from mysql.moduserprofile.
[2019-06-07 20:35:48] (ERROR @ /home/gigipizz/public_html/core/xpdo/om/xpdoobject.class.php : 543) Error 42S22 executing query: SELECT modUser.id AS modUser_id, modUser.username AS modUser_username, modUser.password AS modUser_password, modUser.cachepwd AS modUser_cachepwd, modUser.class_key AS modUser_class_key, modUser.active AS modUser_active, modUser.remote_key AS modUser_remote_key, modUser.remote_data AS modUser_remote_data, modUser.hash_class AS modUser_hash_class, modUser.salt AS modUser_salt, modUser.primary_group AS modUser_primary_group, modUser.session_stale AS modUser_session_stale, modUser.sudo AS modUser_sudo, modUser.createdon AS modUser_createdon, ``, UserSettings.user AS UserSettings_user, UserSettings.key AS UserSettings_key, UserSettings.value AS UserSettings_value, UserSettings.xtype AS UserSettings_xtype, UserSettings.namespace AS UserSettings_namespace, UserSettings.area AS UserSettings_area, UserSettings.editedon AS UserSettings_editedon FROM modx_users AS modUser LEFT JOIN modx_user_settings UserSettings ON modUser.id = UserSettings.user WHERE modUser.username = ? ORDER BY modUser.id ASC - Array
(
[0] => 42S22
[1] => 1054
[2] => Unknown column āā in āfield listā
)
[2019-06-07 20:41:23] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 644) Could not load class: modUserProfile from mysql.moduserprofile.
[2019-06-07 20:41:23] (ERROR @ /home/gigipizz/public_html/core/xpdo/om/xpdoobject.class.php : 240) Error 42S22 executing statement:
Array
(
[0] => 42S22
[1] => 1054
[2] => Unknown column āProfile.emailā in āfield listā
)
[2019-06-09 09:35:03] (ERROR in modTemplateVar::renderOutput @ /home/gigipizz/public_html/core/model/modx/modtemplatevar.class.php : 288) Old style template variable with flat render file /home/gigipizz/public_html/core/model/modx/processors/element/tv/renders/web/output/googlemap.php, for TV map is deprecated since version 2.2.0.
[2019-06-09 09:35:20] (ERROR in modMenu::getSubMenus @ /home/gigipizz/public_html/core/model/modx/modmenu.class.php : 145) modAction support is deprecated since version 2.3.0. Support for modAction has been replaced with routing based on a namespace and action name. Please update the extra with the namespace cliche to the routing based system.
Any recommendations here?
Looks like it canāt load information about a core model. Doesnāt quite in my head explain why your frontend wouldnāt show, but it may explain the manager not working.
Could be missing or corrupted files that re-uploading may resolve? Or file permissions. Check core/model/modx/
I donāt understand how a website, untouched, just sitting there, can just go blankā¦
modaccesspermission.class.php - there is nothing in this file
I have done a restore on the site, can I pay you to login to modx and the ftp and check what the problem is, so that it doesnāt happen again? Modx is pure annoying, sorry but, my experience isnāt a good one.
I have cleared the cache in modx, and disabled all FURL options, except for
Use Friendly URLs, because this didnāt load the pages when I disabled it. So itās still enabled.
Hey,
Unfortunately, when a site isnāt maintained youāre prone to fly-by hack attacks, hence why it just ābrokeā after not being touched. This is the same whether youāre using software like Drupal, Wordpress, etc. My best recommendation is to keep your sites up to date.
Hi Elizabeth,
Being a Modx employee, you are probably biased to modx. However, I can give you a number of wordpress and joomla sites that are not updated, and have not experienced any hacks. This specific post from Modx outlines the vulnerabilities that people around the world experienced, not just me - https://modx.com/blog/recovering-from-a-hacked-site-part-1.
However, in saying that, this is not the issue here. As our website was hacked one year ago, and I repeat yet again, everything was restored and then updated (to ver 2.6.5).
It was ok for one year, then yet another fantastic modx problem occurred. It was updated to Ver 2.7.1 and lasted 2 weeks, until it went down again.
Now it has been restored, but due to being a modx CMS, we are only waiting till the website goes down again.
Because the most consistent thing about Modx in the past 18 months, is how much itās websites go offline.
I repeat, Joomla and wordpress do not have this issue. But like yourself, this is my biased āopinionā.
You have opened this discussion. I hope it ends here. As I wish to find a solution for this suffering Modx operated website. By keeping Modx, and not migrating to another CMS.
Hey,
I tend to think Iām pretty unbiased when it comes to a choice of CMS, because Iām employed as a systems admin and backend engineer. However, Iāve had plenty of cases where an unpatched Joomla or Wordpress install had been compromised, having helped dozens of friends fix up their stuff when it happens. This isnāt a problem unique to MODX, unfortunately.
The link you posted it a pretty good guide for getting things cleaned up when they do go awry however. Iām sorry it has happened to you, though, it sucks whenever it happens to anybody. Iād suggest uploading the current version of MODX, from a freshly downloaded zip matching your sites version, and running the upgrade. Afterwards, once you verify itās working, upload the latest version of MODX and run the upgrade again.
Some resources for other CMSes that may be of use since cleaning a hacked site is pretty generic to some extent:
Hey Greg,
Always glad to see a fellow Aussie around the place! (Iām across in Adelaide).
I notice Goanna Designs logo on the site - have they been unable to help or have you not contacted them? (No big deal either way - just trying to get the lay of the land here.)
As someone whoās been at websites for 23 years I think it a āfreak of statisticsā that youāve had more issues with MODX than with Wordpress and Joomla. My experience over two decades and hundreds of sites sure hasnāt drawn the same conclusion (which is why you find me here in the MODX world!)
But, freak of statistics or not, itās how youāre finding things 
So, the siteās up and running at the moment. Have you gone through the steps on the URL you pointed out earlier or is that where youāre looking for some further support?
Hi jcdm,
Nice to meet you and thanks for getting in touch.
I am the online marketer for Goanna Designs, but we developed modx sites with a modx developer in Sydney. He passed away and we donāt have the resources anymore for it. And Goanna has moved more into digital marketing.
Anyway, our website was hacked one year ago, everything was restored and then updated (to ver 2.6.5), including php and databases.
It was ok for one year, then 3 weeks ago we had another issue with it being a 404. Then it was restored and updated to Ver 2.7.1 and lasted 2 weeks, until it went down again.
Now it has been restored again. Not fixed. And I need to be sure it doesnāt happen again.
Cheers,
Greg
Sorry Greg - should have introduced myself properly as Josh! (Josh Curtis Digital Media)
Iām a solo operator who supports a number of MODX sites (as well as building/maintaining/etc).
If youād like to say āhiā and sound me out as a go-to resource when you need one for things like this, shoot an email to [email protected] and we can tee up a phone chat.
If youāre on at least version 2.6.5 (and all your extras are up to date) then itās very unlikely to be a hack.
Itās most likely to be a change in your hosting environment. Perhaps your host has changed something on the server and things didnāt go as planned.