#38283 Google re-directs one of my websites to a different url

Posted in ‘Admin Tools for Joomla! 4 & 5’
Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Monday, 09 January 2023 08:05 CST

moghees

Google re-directs one of my websites to a different url

Normal website is fine if you type it in: https://azharacademybolton.org

But if you type in Google: azhar academy bolton, the link for the website takes you to a shopping page of some sort https://yardsellsm.com

Would Admin Tools fix this issue and any future issues that occur like this?

nicholas
Akeeba Staff
Manager

Admin Tools cannot possibly have any impact or control over what appears at the top of a search engine's results given a specific set of search parameters. You are looking for an SEO extension, not a security extension.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

moghees

Sorry, I think I never explained it properly. So what happens is when you type in the name of the site into Google and it comes up with the website url, if you click on it, it does not take you to the actual site. It re-directs to a completely different site that has nothing to do with my site. Obviously there has been a hack within the site. It was a JS redirect. I have cleaned an obvious hack within index.php, removed an obvious injection within the htaccess, and removed about.php which was an infected file with only injected code. That worked but then it started again. So I thought Akeeba Admin Tools will help in that sense.

nicholas
Akeeba Staff
Manager

Google is a search engine. I believe you might mean Google Chrome which is a browser.

For what it's worth, I typed https://azharacademybolton.org into both Google the search engine and Google Chrome the browser. In both cases I was taken to your site which currently does not display due to an error.

My advice for hacked sites is to start by using a clean computer to change your hosting password, FTP/SFTP password, and database password. Don't use a password you will remember. Definitely don't use a password you have used before or which is derived from information about you, your family, or your site. Always check the password with https://haveibeenpwned.com/Passwords to see if it's one of the cracked passwords which are extremely likely to be used by hackers. I strongly recommend using a password manager such as 1Password, KeePassXC, or even your browser's password manager to generate a long (at least 32 characters long, ideally 64 or more characters), random password which consists of lower and uppercase letters, numbers, and special characters.

Remove everything from your site. Restore the last known good backup and immediately take your site offline. Update everything (Joomla, extensions, the template which is also using PHP code).

Are there any extensions no longer updated? Are there any custom scripts or custom code (beyond output customisation)? These could be the culprits. Definitely find alternatives for the former, audit the latter.

Change the passwords of all Super User accounts AND the passwords of their email accounts. A Super User account linked to a fairly simple to guess email address with an easy to guess password is worse than putting up a sign "Come in and hack me plenty". As an additional measure, enable Multi-factor Authentication (if you're using Joomla 4.2 or later), or use Akeeba LoginGuard if you're using Joomla 3 or Joomla 4.0/4.1. Ideally you should be using a FIDO/FIDO2 hardware key (you can buy one for £5 at Amazon); if you can't be bothered, at least use the Authenticator Code method with Twilio Authy on your phone as the code generator application.

Run the Admin Tools' PHP File Change Scanner and mark all files as safe. This is your base reference.

Take another backup and keep it safe.

Only then can you put your site back online.

If you get hacked again use Admin Tools' Emergency Off-line Mode on top of Joomla's off-line mode (in Global Configuration) to set the site off-line. Now you can start getting suspicious as to why this happened again.

Run the PHP File Change Scanner again. You will see which PHP files got modified / created. You can look at the server's access log around the time these files got modified / created to see what got executed. That's how you'll find what happened.

Since you had already changed all passwords and upgraded everything it will probably be one of very few possibilities:

  • Something wasn't upgraded. Did you have an extension no longer updated (even a template!) which you didn't update, or any custom code / script external to Joomla, either of which you decided not to remove? Treat it with the same level of scrutiny you'd put towards a £3 banknote.
  • Do you have any other privileged accounts (anything between Publisher and Administrator)? Maybe their passwords and/or email accounts were compromised.
  • Do files magically appear to be compromised, without any suspicious activity in the access log? That would mean that the hack is coming from outside the web server: the hosting control panel (but you've changed its password to something secure), FTP/SFTP (ditto), or another compromised site on the same hosting account or server.

Happy hunting!

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
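
The access-log step in the reply above (find what was requested around the time a PHP file was modified or created) can be scripted once the scanner has told you which files changed. The following is an added example, not part of the original reply and not Akeeba code; it assumes the Apache/Nginx "combined" log format, and the log lines, IP addresses and the `com_example` component are constructed for illustration. A file with no nearby requests, like `index.php` here, corresponds to the last bullet: the change came from outside the web server.

```python
import re
from datetime import datetime, timedelta, timezone

# Assumes the Apache/Nginx "combined" access log format; adjust for your server.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def parse_line(line):
    """Return a dict for one log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    return rec

def requests_near_changes(changed, log_lines,
                          before=timedelta(minutes=2), after=timedelta(seconds=5)):
    """Map each changed file to the requests logged around its modification time.

    The write happens while a request is being served, so the window reaches
    back `before` the mtime and allows `after` for clock skew.
    """
    records = [r for r in map(parse_line, log_lines) if r]
    result = {}
    for path, mtime in changed.items():
        hits = [r for r in records if mtime - before <= r["ts"] <= mtime + after]
        # POSTs first (heuristic: uploads and form handlers), then closest in time.
        hits.sort(key=lambda r: (r["method"] != "POST", abs(mtime - r["ts"])))
        result[path] = hits
    return result

# Constructed sample data: modification times as a file change scan would
# report them, plus four made-up log lines (documentation IP ranges).
CHANGED = {
    "about.php": datetime(2023, 1, 8, 3, 14, 9, tzinfo=timezone.utc),
    "index.php": datetime(2023, 1, 8, 12, 0, 0, tzinfo=timezone.utc),
}
SAMPLE_LOG = """\
198.51.100.7 - - [08/Jan/2023:03:10:00 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.50 - - [08/Jan/2023:03:14:07 +0000] "POST /index.php?option=com_example&task=upload HTTP/1.1" 200 312 "-" "curl/7.85.0"
203.0.113.50 - - [08/Jan/2023:03:14:30 +0000] "GET /about.php HTTP/1.1" 200 17 "-" "curl/7.85.0"
198.51.100.7 - - [08/Jan/2023:09:00:00 +0000] "GET /contact HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
""".splitlines()

if __name__ == "__main__":
    for path, hits in requests_near_changes(CHANGED, SAMPLE_LOG).items():
        print(path, [(h["ip"], h["method"], h["path"]) for h in hits] or "no requests")
```

Make sure the file times and the log timestamps are compared in the same time zone; the example uses timezone-aware values throughout for that reason.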
