Results 1 to 21 of 21

Thread: Sites hacked!

  1. #1
    Join Date
    Aug 2006
    Location
    Bangalore
    Posts
    379

    Sites hacked!

    Few of my sites are hacked.. Host say they passed some gif file which had scripts..

    I dont know when my host say they are proactive it also part of intruders isnt it? Not sure though.

    Can you suggest me what all should be my actions? Few are joomla sites.

    Kindly assist,

    Thanks,
    Puneetha

  2. #2
    Join Date
    Dec 2011
    Location
    Surrey, BC
    Posts
    445
    Do you have a back up copy of your sites that were compromised?

  3. #3
    Join Date
    Aug 2006
    Location
    Bangalore
    Posts
    379
    Quote Originally Posted by GeneZSolutions View Post
    Do you have a back up copy of your sites that were compromised?
    Yes.. i have asked them to restore for now. But not sure.. if the attack could be made again?

  4. #4
    Join Date
    Apr 2013
    Location
    Data center
    Posts
    539
    Quote Originally Posted by NETIDER View Post
    Yes.. i have asked them to restore for now. But not sure.. if the attack could be made again?
    Are you running on the latest versions of joomla or other software?

  5. #5
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387

    Re: Sites hacked!

    What version of joomla are you using?
    Licensecart - We only sell High Quality licenses
    Visit us @ Licensecart.com ~ sales(➾)licensecart.com ~ webhostbundle.com
    WHT isn't what it used to be… power changes people :]

  6. #6
    Join Date
    Aug 2006
    Location
    Bangalore
    Posts
    379
    Quote Originally Posted by NEQ3 - Sam View Post
    Are you running on the latest versions of joomla or other software?
    My Client doesnt update the joomla.. My host told me that there are symbolic links etc on the server. I wonder how the admin user also gets changed!

    I have asked them to update to latest.

  7. #7
    Join Date
    Aug 2006
    Location
    Bangalore
    Posts
    379
    Quote Originally Posted by CW Mike View Post
    What version of joomla are you using?
    Initially Joomla 2.5.1 which got hacked.. and later few J3.x sites also showing as hacked today.

  8. #8
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387

    Re: Sites hacked!

    Quote Originally Posted by NETIDER View Post
    My Client doesnt update the joomla.. My host told me that there are symbolic links etc on the server. I wonder how the admin user also gets changed!

    I have asked them to update to latest.
    Ah this is where cloudlinux would of helped. Restore the backups and update to 2.5.16 (latest version) might patch the exploits.
    Licensecart - We only sell High Quality licenses
    Visit us @ Licensecart.com ~ sales(➾)licensecart.com ~ webhostbundle.com
    WHT isn't what it used to be… power changes people :]

  9. #9
    Join Date
    Oct 2002
    Location
    State of Disbelief
    Posts
    22,952
    Quote Originally Posted by CW Mike View Post
    Restore the backups and update to 2.5.16 (latest version) might patch the exploits.
    http://www.joomla.org/download.html
    Joomla 3.2 is the newest version
    Having problems, or maybe questions about WHT? Head over to the help desk!

  10. #10
    Join Date
    May 2007
    Posts
    286
    At least you have backups which will help you for now to at least bring all of your sites back up to function, but I have learned to make sure as well to always have everything up to date when it comes to situations like this because that's when hacks happen.
    They call me the bread baker

  11. #11
    Join Date
    Dec 2007
    Location
    LocalHost
    Posts
    1,303
    Before upgrading, you may consider cleaning all un-wanted old files.
    Delete all old Joomla files and upload fresh files.
    YagHost - Pure SSD Hosting | Since 2007 | Average Response Time: 15 min
    Web Hosting | Reseller Hosting | Managed VPS Hosting
    99.9% Server Uptime Guarantee | 24/7 Rapid Response Tech Support | 30 Day Money Back Guarantee
    LopHost.com - Web Hosting Tutorials

  12. #12
    Join Date
    Nov 2010
    Location
    Las Vegas
    Posts
    490
    Agreed with above. Make sure you delete all unwanted files. Also you can try a plugin to increase security. jHackGuard is one I have heard of if you want to try.
    HostClearly.com
    HostClearly Web Hosting
    #WeAreYourBussinessPartner
    Shared, Reseller, and VPS Hosting since 2010!

  13. #13
    Join Date
    Sep 2010
    Posts
    198

    Re: Sites hacked!

    What you expect from joomla? Forget joomla. Go for WordPress.

  14. #14
    One more thing that can make your website more vulnerable is the plug-ins you have installed.

    Keep your Joomla system updated, and check your plugins list (if there is anything there which you didn't intend to install, remove it).

  15. #15
    Join Date
    Jul 2010
    Location
    Bogotá, Colombia.
    Posts
    368
    Quote Originally Posted by bear View Post
    http://www.joomla.org/download.html
    Joomla 3.2 is the newest version
    But 2.5.16 is the latest stable version for 1.x and 2.x versions released just a few weeks ago
    http://www.joomla.org/announcements/...-released.html

  16. #16
    Join Date
    Jul 2002
    Location
    World Wide Web
    Posts
    1,680
    Quote Originally Posted by HostFill View Post
    What you expect from joomla? Forget joomla. Go for WordPress.
    That is a bad advice. Both Joomla and WordPress are vulnerable if they are outdated or they have plugins or templates with backdoors. It is not matter of the software used but of the maintenance and security measures taken.
    Michael Vlastos
    HostWired.com - Innovative Hosting Solutions since 2005 | cPanel, Softaculous
    Personalized support | No site suspensions | No overloaded servers | Green Hosting
    Multiple Backups | Average Response Time: 20 min | Toll Free: 1-855-ECO-HOST

  17. #17
    Join Date
    Aug 2006
    Location
    Bangalore
    Posts
    379
    Quote Originally Posted by Dr_Michael View Post
    That is a bad advice. Both Joomla and WordPress are vulnerable if they are outdated or they have plugins or templates with backdoors. It is not matter of the software used but of the maintenance and security measures taken.
    Thank you.

    Does this mean if we have Static HTML sites the hacking not possible? Its really strange for me (ofcourse i am still learning to tackle), how the world hackers:

    1. send the files
    2. modify the database users / contents

  18. #18
    Join Date
    Jul 2010
    Location
    Bogotá, Colombia.
    Posts
    368
    While it would be 99% more secure, nothing is 100% safe (for me only Universal physic laws and Death are )
    One example: http://jeremiahgrossman.blogspot.com...-our-turn.html
    --
    Your site can be attacked from another source, a vulnerable web-server or control panel, services that require credentials (ssh, ftp), even your domain provider or a network infrastructure issue... so even if you have a static website there's a risk...

    There are many methods to attack a site, for the ones you ask, I'd say they are related to XSS and SQL injection... here you can see a list of the most common methods and the explanation for one of them: http://www.acunetix.com/websitesecur...ite-scripting/

  19. #19
    look like that attackers attacked your joomla sites through symlink. in that case, you should take following security measures:

    1- Ask you hosting company to install apache symlink protection.
    2- change joomla configuration file permissions to 400.
    3- change htaccess file permission to to 404.
    4- remove all vulnerable and nulled plugins.
    5- use latest version of joomla

  20. #20
    Join Date
    Aug 2006
    Location
    Bangalore
    Posts
    379
    Quote Originally Posted by vtechpk View Post
    look like that attackers attacked your joomla sites through symlink. in that case, you should take following security measures:

    1- Ask you hosting company to install apache symlink protection.
    2- change joomla configuration file permissions to 400.
    3- change htaccess file permission to to 404.
    4- remove all vulnerable and nulled plugins.
    5- use latest version of joomla
    Thank you!

  21. #21
    Vtechph offers good information. Something that will also help you out is go into your global configuration settings and make sure restrict uploads is checked. Make sure you restrict gif, php , files from being uploaded. As a matter of fact just leave your common images like jpg,png and such only allowed to be uploaded.

    Most of what you will see with Joomla is .gif and files like image.php will be uploaded to the images folder and the other folders under images.

Similar Threads

  1. What are you doing about all the WP sites getting hacked?
    By Montobhan in forum Web Design and Content
    Replies: 36
    Last Post: 10-11-2013, 10:16 AM
  2. Replies: 12
    Last Post: 11-29-2011, 02:35 PM
  3. Sites getting hacked help!
    By klair_di_sardari in forum Hosting Security and Technology
    Replies: 3
    Last Post: 04-14-2010, 12:39 PM
  4. My RZ sites hacked!
    By lindmar in forum Reseller Hosting
    Replies: 16
    Last Post: 07-29-2006, 09:50 PM
  5. Sites Hacked
    By idolhost in forum Web Hosting
    Replies: 17
    Last Post: 07-27-2003, 05:35 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •