How to reset Joomla (admin) passwords in MySQL

Oh joy, you lost the admin password. Now what?

If the admin user is still defined, the simplest option is to change the password in the database to a known value. This requires that you have access to the MySQL database using phpMyAdmin.

“what, no hacking?”, I hear you say. No. Again, you need access to the MySQL database by using phpMyAdmin.

  1. Navigate to phpMyAdmin and select the database for the Joomla site in the left-hand drop-down list box. This will show the database tables on the left side of the screen.
  2. Click on the table “jos_users” in the list of tables.
  3. Click on the “Browse” button in the top toolbar.
  4. Find the user whose password you want to change and press the Edit icon for this row. A form will display that allows you to edit the password field.
  5. Copy the following value into the password field and press the Go button.
    d2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199
    
  6. At this point, the password should be changed to “secret”.
  7. Log in with this user and password and change the password of this user to a secure value.

Loading

Getting files ready for CDN server

find ./public_html/ -name "*.jpg" -o -name "*.JPG" | tar -cf archive-01062017-jpg.tar.gz -T -
find ./public_html/ -name "*.png" -o -name "*.PNG" | tar -cf archive-01062017-png.tar.gz -T -
find ./public_html/ -name "*.pdf" -o -name "*.PDF" | tar -cf archive-01062017-pdf.tar.gz -T -
find ./public_html/ -name "*.gif" -o -name "*.GIF" | tar -cf archive-01062017-gif.tar.gz -T -
find ./public_html/ -name "*.zip" -o -name "*.ZIP" | tar -cf archive-01062017-zip.tar.gz -T -
find ./public_html/ -name "*.css" -o -name "*.CSS" | tar -cf archive-01062017-css.tar.gz -T -
find ./public_html/ -name "*.js" -o -name "*.JS" | tar -cf archive-01062017-js.tar.gz -T -

Loading

Should I use VestaCP?

No.

Only recently it got patched because it apparently puked out the root password. Secondly, Roundcube is horribly outdated and not easily to upgrade. It also still has the white-space bug, preventing you from logging in.

If you finally fixed the bug and managed to log in, you can’t send any email. It’s supposed to run out of the box and it only does it partially. The interface is easy and once it works, it does the thing. But generally, it’s poorly maintained.

Loading

Upgrade to PHP7.2

  1. apt-get install apt-transport-https lsb-release ca-certificates
  2. wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
  3. sh -c 'echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list'
  4. apt-get update
  5. apt-get install php7.2-common libapache2-mod-php7.2 php7.2-cgi php7.2-cli php7.2-phpdbg php7.2-fpm libphp7.2-embed php7.2-dev php7.2-curl php7.2-gd php7.2-imap php7.2-interbase php7.2-intl php7.2-ldap php7.2-readline php7.2-odbc php7.2-pgsql php7.2-pspell php7.2-recode php7.2-tidy php7.2-xmlrpc php7.2 php7.2-json php-all-dev php7.2-sybase php7.2-sqlite3 php7.2-mysql php7.2-opcache php7.2-bz2 libapache2-mod-php7.2 php7.2-mbstring php7.2-pdo php7.2-dom php7.2-enchant php7.2-gmp php7.2-soap php7.2-zip

In case you need mcrypt:

  1. apt-get -y install gcc make autoconf libc-dev pkg-config
  2. apt-get -y install libmcrypt-dev
  3. apt-get install php7.2-dev
  4. pecl install mcrypt-1.0.1

    When you see the prompt “libmcrypt prefix? [autodetect] :” -> Press [Enter] to autodetect

  5. php -i | grep "mcrypt"

  1. a2dismod php7.0

    *or whatever version you are upgrading from)

  2. a2enmod php7.2

 

Loading