Results 1 to 8 of 8
Thread: joomla website permission
Hybrid View
-
12-22-2010, 04:41 AM #1Junior Guru Wannabe
- Join Date
- Sep 2008
- Posts
- 45
joomla website permission
hi i have a reseller with some company most of my client use joomla as a portal for there website
for 2 week now i get hack from a team they start site per site
all they make change index code no more all i made i re upload the index
i contact with the support team in hosting company and they help me sometime and in other case they say i have error in permission i make all folder with 755 and file with 644
now i get yesterday a new hack " index code change "
1- did there is a permission more secured ?
2- the hacker say on there code they hack from server but the support say no what i can do
3- did there an Enterprise security i can contact with him to Complaint the hacker " they use vb forum to teach people how they can hack
sorry if my English is not good
regards
-
12-22-2010, 05:08 AM #2Web Hosting Master
- Join Date
- Mar 2009
- Location
- Gods Own Country
- Posts
- 681
You also have to ensure the ownership of the files/folders is the account user. If the server is suphp you are more secure. Most probably it might be using Apache mod_php module.
The index files can also be uploaded using leaked FTP password.█ Fabin Mundattil @ Xieles Support
█ High Quality Server Management | support @ xieles.com
█ https://xieles.com
-
12-22-2010, 06:03 AM #3Junior Guru Wannabe
- Join Date
- Sep 2008
- Posts
- 45
how i can know the server is server is suphp
if there is a way i can Prevention uploaded index file from other except me or the owner of hosting no more
-
12-23-2010, 08:27 AM #4Web Hosting Master
- Join Date
- Jul 2009
- Posts
- 1,568
Create a test php file and set the permissions to 777 and browse the file. If you are able to browse the file, the server isn't SuPHP enabled.
There are lots of things you need to look at, say, password of your account, directory permissions, injected files under your account, compromised server etc
If you have changed the password and directory/file permissions are all correct, it's mostly the server is compromised and the hackers can easily replace the index files of all the accounts whenever they wish to.
The only people who can help you out and make proper changes is your hosting provider as they have more than enough access to the server to check everything. Server wide changes helps to solve such issues more quickly than account wide changes.| LinuxHostingSupport.net
| Server Setup | Security | Optimization | Troubleshooting | Server Migration
| Monthly and Task basis services.
| MSN : madaboutlinux[at]hotmail.com | Skype : madaboutlinux
-
12-23-2010, 03:23 AM #5Junior Guru Wannabe
- Join Date
- Dec 2010
- Posts
- 42
are you using ckforms on the joomla site? or any of them? Mine were recently hacked via that method. the ckforms 1.3.4 and older are vulnerable to sql injection.
-
12-23-2010, 04:26 AM #6Web Hosting Master
- Join Date
- Jan 2003
- Location
- U.S.A.
- Posts
- 3,928
If your securing your folders and php files with 755 and 644 your doing everything right. I would make sure that your running the latest version of joomla and find out more information of how the index file is being changed. This information should be able to be retrieved from your support team. The other thing you want to make sure you do is change your passwords!
-
12-23-2010, 04:38 AM #7Web Hosting Master
- Join Date
- Mar 2009
- Location
- Gods Own Country
- Posts
- 681
If your securing your folders and php files with 755 and 644 your doing everything right.
how i can know the server is server is suphp█ Fabin Mundattil @ Xieles Support
█ High Quality Server Management | support @ xieles.com
█ https://xieles.com
-
12-24-2010, 08:07 AM #8Web Hosting Master
- Join Date
- Nov 2004
- Location
- Australia
- Posts
- 1,737
just a little postscript:
while get suphp or similar on the server is a great help to security, it isn't everything.
Similar Threads
-
Joomla install - best way to solve directory permission issues?
By kreativ in forum Hosting Security and TechnologyReplies: 16Last Post: 12-23-2010, 01:56 AM -
Joomla Website Development
By nkdweb in forum Employment / Job RequestsReplies: 4Last Post: 04-12-2010, 09:41 AM -
Joomla-nized website!
By Isriyanti in forum Web Design and ContentReplies: 2Last Post: 01-12-2008, 12:07 PM -
If you post a link to a newspaper's website - do you need its permission?
By Host Ghost in forum Web Design and ContentReplies: 9Last Post: 09-20-2007, 11:04 AM -
Considering a host for Joomla website
By Willdex in forum Web HostingReplies: 16Last Post: 11-05-2006, 12:38 PM