Home Guides Glossary

Fixing Your Drupal Site (Drupalgeddon)

AFFECTED APPLICATION Drupal versions <= 7.31
FIX Restore your Website and then upgrade
FIRST REPORT OF COMPROMISE Oct. 15, 2014 at 11pm UTC

If you're here, we're assuming you've been notified of a critical security issue with Drupal, which has been called Drupalgeddon (or Drupageddon). Drupal's issued an announcement about it here, but this article contains the information you need to protect your Drupal Website.

In short, this security risk could let attackers install backdoors on your website using a SQL injection. Essentially, this would let attackers target your website's visitors with various maladies, such as malware.

To warn you, this situation is bad and can get complicated. We have protection measures in place to minimize the risk of your Website actually being affected, but it's important to proceed as if your Website is compromised.


Analyzing Your Situation

The first thing to investigate is the situation you and your Website are in.

Did you upgrade your Website before the first reports of compromise?

YES: Your Website is unaffected.

NO: You must restore your Website from backup, and then upgrade it.

Do you have a backup of your website and website?

YES: Follow this procedure (individual steps outlined in Procedures section):

  1. Restore your website (if you do not have a backup, complete the remaining procedure outlined here and then see Removing Backdoors Manually)
  2. Restore your database (if you do not have a backup, complete the remaining procedure outlined here and then see Removing Backdoors Manually)
  3. Upgrade Drupal

Unsure? If you don't have a backup you maintained yourself, we might be able to help.

Backup Availability

Hosting Type Backup info
Web & Classic Linux Website: Restoring a Linux Hosting Account

Database: Check Restoring section of Backing up and Restoring MySQL or MSSQL Databases
Disaster Recovery Backups available — contact customer support
Web & Classic Windows Website & Database: Disaster Recovery Backups available — contact customer support
Plesk Website & Database: View the Plesk section in Where can I download my shared hosting backups?

Disaster Recovery Backups also available to some customers — contact customer support
cPanel Website & Database: Backups available to some customers who installed the application through Installatron via Restoring Installatron Websites from Backups

Users could have created backups using Back up your website

If you do have a backup, see the YES section; otherwise, see the NO section.

NO: Follow this procedure (individual steps outlined in Procedures section)

  1. Upgrade Drupal
  2. Remove backdoors manually

Procedures

Before beginning the procedures outlined below, make sure you complete them in the correct order by cross-referencing your situation with the Analyzing Your Situation section.

Restoring Your Website

Before beginning, you must have a backup of your website created before Oct. 15, 2015 at 11pm UTC. Restoring from this backup will revert your Website to the state it was at when the backup was taken. It's not ideal, but it's your best bet against passing malware onto your visitors.

If you have only one domain on your hosting account:

  1. Create a backup of your compromised Website (more info). We urge you to do this so you do not lose all of your content in case something goes awry.
  2. Using an FTP client (more info), remove all of the content in your website's root directory. (What is my website's root directory?)
  3. Restore your website from its backup (more info).

If you have multiple domain names on your website:

  • With backups for each Website: You can use the above process, but remove the content from each domain name's root directory, and then restore it using its backups.
  • Without backups for each Website: You should complete the above procedure for your Drupal domain name, but you will still need to use the information in Manually Removing Backdoors for your account's other files.

Restoring Your Database

Before beginning, you must have a database backup created before Oct. 15, 2015 at 11pm UTC. Restoring from this backup will revert your Website to the state it was at when the backup was taken. It's not ideal, but it's your best bet against passing malware onto your visitors.

  1. Create a backup of your compromised database (more info). We urge you to do this so you do not lose all of your content in case something goes awry.
  2. Note your database's name. You will need to recreate a database using the exact same name.
  3. Remove the database from your account (more info).
  4. Create a new MySQL database that uses the same name (more info).
  5. Restore your database from its backup (more info).

We also recommend changing your Drupal's MySQL database password. To do that you'll need to change the database's password (more info), and then update it in Drupal (more info).

Upgrade Drupal

You need to upgrade your Drupal version to 7.32. Drupal has those instructions here.

Manually Remove Backdoors

If you do not have a backup of either your website or database (or both), you must manually remove any backdoors from your Drupal installation.

To manually remove any backdoors yourself using the Drupal-recommended procedure outlined here. This procedure is very complicated and requires an advanced understanding of the technologies Drupal uses (PHP, MySQL) to use effectively. Not all steps listed in the procedure are applicable to shared hosting environments, but completing what you can from this list will provide you the greatest likelihood of removing backdoors from your Website.

Domain Registration

Pay less for website domain names. Register your own .com, .net or .org for as low as $10.18 per year. We have everything you need to get online with your new domain.

Website Builder

Build an amazing website in just under an hour with Website Builder. Take advantage of designs created just for your industry and then customize them to reflect your one-of-a-kind idea.

Website Security

Protect your website and keep customers safe. Your comprehensive Website Security solution. Get peace of mind by securing your websites.

cPanel Hosting

Everything needed to give your website the high-performance home it deserves.  Protect transactions and secure your customer's data with a SSL Certificate
Copyright © 2005 - 2024.  All rights reserved.  Privacy Policy