Community

404 Page Not Found

Hi guys,
On older versions of modx, my website was hacked. It was restored, fixed and updated. Now, it is a 404 not found page, I restored it to what it was, but again, it is a 404.

It updated to the latest version too. Can someone please help me, I am really becoming fed up of Modx!

www.gigipizzeria.com.au

Check your error log. Check your start_site setting, disable FURL and enable php errors.

The error page does not look like a MODX error page, but more like a standard server error page.

If that assumption is correct, it means MODX isn’t even being initialised, which could suggest the cleanup or the restoration wasn’t done correctly and certain requirements are missing (the root index.php, a configuration file, the database…) or have the wrong permissions.

What version of MODX were you using?

If you’re already in the fed up stage, and lack the experience to deal with restoring a hacked/broken site, it may also be worthwhile to consider bringing in paid assistance to help resolve it. The forum is great for generic help, but not always best suited for in-depth restorations like what you may need. Such services are offered by MODX LLC, modmore (*that’s me) and other MODX professionals may also offer similar services.

I can’t even access modx - http://www.gigipizzeria.com.au/manager/. It’s blank.
What are you talking about already in the fed up stage? One year ago almost all Modx sites were hacked and thus the need to MUST upgrade to MODX Revolution 2.6.5 was made public. Which I successfully, restored the database and cms, and was successfully able to upgrade.
We never had an issue since one month ago. When the website was like it is now. Dead!
So I successfully restored it, and upgraded it to version 2.7.1. And now, it is blank/404 again.

I can’t access the CMS!

That’s the fed up stage I was referring to. :wink:

So you were on 2.6.5 last time it worked and you tried to upgrade to 2.7.1 to restore it? Or it worked with 2.7.1 but broke after that?

Look at server error logs, and check core/cache/logs via ftp to see if anything is happening on the MODX side.

Thanks Mark, I just want to clarify the ‘already’ part. I have had, I believe, a lot of patience with modx, but it seems to have a lot of vulnerabilities.
After we were hacked, it was on 2.6.5 when it went blank last month. I restored it, then upgraded to 2.7.1. It worked for a couple of weeks, and is blank/404 again.

[2019-06-07 20:33:37] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 644) Could not load class: modUserProfile from mysql.moduserprofile.
[2019-06-07 20:33:37] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 762) modUserProfile::getSelectColumns() is not a valid static method.
[2019-06-07 20:33:37] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 644) Could not load class: modUserProfile from mysql.moduserprofile.
[2019-06-07 20:33:37] (ERROR @ /home/gigipizz/public_html/core/xpdo/om/xpdoobject.class.php : 543) Error 42S22 executing query: SELECT modUser.id AS modUser_id, modUser.username AS modUser_username, modUser.password AS modUser_password, modUser.cachepwd AS modUser_cachepwd, modUser.class_key AS modUser_class_key, modUser.active AS modUser_active, modUser.remote_key AS modUser_remote_key, modUser.remote_data AS modUser_remote_data, modUser.hash_class AS modUser_hash_class, modUser.salt AS modUser_salt, modUser.primary_group AS modUser_primary_group, modUser.session_stale AS modUser_session_stale, modUser.sudo AS modUser_sudo, modUser.createdon AS modUser_createdon, ``, UserSettings.user AS UserSettings_user, UserSettings.key AS UserSettings_key, UserSettings.value AS UserSettings_value, UserSettings.xtype AS UserSettings_xtype, UserSettings.namespace AS UserSettings_namespace, UserSettings.area AS UserSettings_area, UserSettings.editedon AS UserSettings_editedon FROM modx_users AS modUser LEFT JOIN modx_user_settings UserSettings ON modUser.id = UserSettings.user WHERE modUser.username = ? ORDER BY modUser.id ASC - Array
(
[0] => 42S22
[1] => 1054
[2] => Unknown column ‘’ in ‘field list’
)

[2019-06-07 20:33:43] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 644) Could not load class: modUserProfile from mysql.moduserprofile.
[2019-06-07 20:33:43] (ERROR @ /home/gigipizz/public_html/core/xpdo/om/xpdoobject.class.php : 240) Error 42S22 executing statement:
Array
(
[0] => 42S22
[1] => 1054
[2] => Unknown column ‘Profile.email’ in ‘field list’
)

[2019-06-07 20:35:48] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 644) Could not load class: modUserProfile from mysql.moduserprofile.
[2019-06-07 20:35:48] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 762) modUserProfile::getSelectColumns() is not a valid static method.
[2019-06-07 20:35:48] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 644) Could not load class: modUserProfile from mysql.moduserprofile.
[2019-06-07 20:35:48] (ERROR @ /home/gigipizz/public_html/core/xpdo/om/xpdoobject.class.php : 543) Error 42S22 executing query: SELECT modUser.id AS modUser_id, modUser.username AS modUser_username, modUser.password AS modUser_password, modUser.cachepwd AS modUser_cachepwd, modUser.class_key AS modUser_class_key, modUser.active AS modUser_active, modUser.remote_key AS modUser_remote_key, modUser.remote_data AS modUser_remote_data, modUser.hash_class AS modUser_hash_class, modUser.salt AS modUser_salt, modUser.primary_group AS modUser_primary_group, modUser.session_stale AS modUser_session_stale, modUser.sudo AS modUser_sudo, modUser.createdon AS modUser_createdon, ``, UserSettings.user AS UserSettings_user, UserSettings.key AS UserSettings_key, UserSettings.value AS UserSettings_value, UserSettings.xtype AS UserSettings_xtype, UserSettings.namespace AS UserSettings_namespace, UserSettings.area AS UserSettings_area, UserSettings.editedon AS UserSettings_editedon FROM modx_users AS modUser LEFT JOIN modx_user_settings UserSettings ON modUser.id = UserSettings.user WHERE modUser.username = ? ORDER BY modUser.id ASC - Array
(
[0] => 42S22
[1] => 1054
[2] => Unknown column ‘’ in ‘field list’
)

[2019-06-07 20:41:23] (ERROR @ /home/gigipizz/public_html/core/xpdo/xpdo.class.php : 644) Could not load class: modUserProfile from mysql.moduserprofile.
[2019-06-07 20:41:23] (ERROR @ /home/gigipizz/public_html/core/xpdo/om/xpdoobject.class.php : 240) Error 42S22 executing statement:
Array
(
[0] => 42S22
[1] => 1054
[2] => Unknown column ‘Profile.email’ in ‘field list’
)

[2019-06-09 09:35:03] (ERROR in modTemplateVar::renderOutput @ /home/gigipizz/public_html/core/model/modx/modtemplatevar.class.php : 288) Old style template variable with flat render file /home/gigipizz/public_html/core/model/modx/processors/element/tv/renders/web/output/googlemap.php, for TV map is deprecated since version 2.2.0.
[2019-06-09 09:35:20] (ERROR in modMenu::getSubMenus @ /home/gigipizz/public_html/core/model/modx/modmenu.class.php : 145) modAction support is deprecated since version 2.3.0. Support for modAction has been replaced with routing based on a namespace and action name. Please update the extra with the namespace cliche to the routing based system.

Any recommendations here?

Looks like it can’t load information about a core model. Doesn’t quite in my head explain why your frontend wouldn’t show, but it may explain the manager not working.

Could be missing or corrupted files that re-uploading may resolve? Or file permissions. Check core/model/modx/

I don’t understand how a website, untouched, just sitting there, can just go blank…

modaccesspermission.class.php - there is nothing in this file

I have done a restore on the site, can I pay you to login to modx and the ftp and check what the problem is, so that it doesn’t happen again? Modx is pure annoying, sorry but, my experience isn’t a good one.

I have cleared the cache in modx, and disabled all FURL options, except for
Use Friendly URLs, because this didn’t load the pages when I disabled it. So it’s still enabled.

Hey,

Unfortunately, when a site isn’t maintained you’re prone to fly-by hack attacks, hence why it just “broke” after not being touched. This is the same whether you’re using software like Drupal, Wordpress, etc. My best recommendation is to keep your sites up to date.

Hi Elizabeth,
Being a Modx employee, you are probably biased to modx. However, I can give you a number of wordpress and joomla sites that are not updated, and have not experienced any hacks. This specific post from Modx outlines the vulnerabilities that people around the world experienced, not just me - https://modx.com/blog/recovering-from-a-hacked-site-part-1.
However, in saying that, this is not the issue here. As our website was hacked one year ago, and I repeat yet again, everything was restored and then updated (to ver 2.6.5).
It was ok for one year, then yet another fantastic modx problem occurred. It was updated to Ver 2.7.1 and lasted 2 weeks, until it went down again.
Now it has been restored, but due to being a modx CMS, we are only waiting till the website goes down again.
Because the most consistent thing about Modx in the past 18 months, is how much it’s websites go offline.
I repeat, Joomla and wordpress do not have this issue. But like yourself, this is my biased “opinion”.
You have opened this discussion. I hope it ends here. As I wish to find a solution for this suffering Modx operated website. By keeping Modx, and not migrating to another CMS.

Hey,

I tend to think I’m pretty unbiased when it comes to a choice of CMS, because I’m employed as a systems admin and backend engineer. However, I’ve had plenty of cases where an unpatched Joomla or Wordpress install had been compromised, having helped dozens of friends fix up their stuff when it happens. This isn’t a problem unique to MODX, unfortunately.

The link you posted it a pretty good guide for getting things cleaned up when they do go awry however. I’m sorry it has happened to you, though, it sucks whenever it happens to anybody. I’d suggest uploading the current version of MODX, from a freshly downloaded zip matching your sites version, and running the upgrade. Afterwards, once you verify it’s working, upload the latest version of MODX and run the upgrade again.

Some resources for other CMSes that may be of use since cleaning a hacked site is pretty generic to some extent:


Hey Greg,

Always glad to see a fellow Aussie around the place! (I’m across in Adelaide).

I notice Goanna Designs logo on the site - have they been unable to help or have you not contacted them? (No big deal either way - just trying to get the lay of the land here.)

As someone who’s been at websites for 23 years I think it a ‘freak of statistics’ that you’ve had more issues with MODX than with Wordpress and Joomla. My experience over two decades and hundreds of sites sure hasn’t drawn the same conclusion (which is why you find me here in the MODX world!)

But, freak of statistics or not, it’s how you’re finding things :+1:t2:

So, the site’s up and running at the moment. Have you gone through the steps on the URL you pointed out earlier or is that where you’re looking for some further support?

Hi jcdm,
Nice to meet you and thanks for getting in touch.
I am the online marketer for Goanna Designs, but we developed modx sites with a modx developer in Sydney. He passed away and we don’t have the resources anymore for it. And Goanna has moved more into digital marketing.

Anyway, our website was hacked one year ago, everything was restored and then updated (to ver 2.6.5), including php and databases.
It was ok for one year, then 3 weeks ago we had another issue with it being a 404. Then it was restored and updated to Ver 2.7.1 and lasted 2 weeks, until it went down again.
Now it has been restored again. Not fixed. And I need to be sure it doesn’t happen again.

Cheers,
Greg

Sorry Greg - should have introduced myself properly as Josh! (Josh Curtis Digital Media)

I’m a solo operator who supports a number of MODX sites (as well as building/maintaining/etc).

If you’d like to say ‘hi’ and sound me out as a go-to resource when you need one for things like this, shoot an email to josh@jcdm.net and we can tee up a phone chat.

If you’re on at least version 2.6.5 (and all your extras are up to date) then it’s very unlikely to be a hack.
It’s most likely to be a change in your hosting environment. Perhaps your host has changed something on the server and things didn’t go as planned.