Results 1 to 21 of 21
Thread: Sites hacked!
-
11-16-2013, 05:53 AM #1Disabled
- Join Date
- Aug 2006
- Location
- Bangalore
- Posts
- 385
Sites hacked!
Few of my sites are hacked.. Host say they passed some gif file which had scripts..
I dont know when my host say they are proactive it also part of intruders isnt it? Not sure though.
Can you suggest me what all should be my actions? Few are joomla sites.
Kindly assist,
Thanks,
Puneetha
-
11-16-2013, 06:01 AM #2Web Hosting Evangelist
- Join Date
- Dec 2011
- Location
- Surrey, BC
- Posts
- 454
Do you have a back up copy of your sites that were compromised?
-
11-16-2013, 06:02 AM #3Disabled
- Join Date
- Aug 2006
- Location
- Bangalore
- Posts
- 385
-
11-16-2013, 06:05 AM #4Web Hosting Evangelist
- Join Date
- Apr 2013
- Location
- Data center
- Posts
- 541
-
11-16-2013, 06:06 AM #5Disabled
- Join Date
- Dec 2010
- Location
- 127.0.0.1
- Posts
- 5,732
Re: Sites hacked!
What version of joomla are you using?
-
11-16-2013, 06:07 AM #6Disabled
- Join Date
- Aug 2006
- Location
- Bangalore
- Posts
- 385
-
11-16-2013, 06:09 AM #7Disabled
- Join Date
- Aug 2006
- Location
- Bangalore
- Posts
- 385
-
11-16-2013, 06:36 AM #8Disabled
- Join Date
- Dec 2010
- Location
- 127.0.0.1
- Posts
- 5,732
-
11-16-2013, 09:19 AM #9
http://www.joomla.org/download.html
Joomla 3.2 is the newest versionYour one stop shop for decentralization
-
11-16-2013, 09:35 AM #10Web Hosting Guru
- Join Date
- May 2007
- Posts
- 344
At least you have backups which will help you for now to at least bring all of your sites back up to function, but I have learned to make sure as well to always have everything up to date when it comes to situations like this because that's when hacks happen.
They call me the bread baker
-
11-16-2013, 10:58 AM #11Web Hosting Master
- Join Date
- Dec 2007
- Location
- LocalHost
- Posts
- 1,317
Before upgrading, you may consider cleaning all un-wanted old files.
Delete all old Joomla files and upload fresh files.█ YagHost - Fast Reliable Hosting Since 2009
█ Managed VPS - NVMe DirectAdmin
█ Web Hosting - NVMe SSD, AMD EPYC, 10 Gbps (US, Europe, Singapore)
-
11-16-2013, 12:11 PM #12Web Hosting Evangelist
- Join Date
- Nov 2010
- Location
- Las Vegas
- Posts
- 459
Agreed with above. Make sure you delete all unwanted files. Also you can try a plugin to increase security. jHackGuard is one I have heard of if you want to try.
██ HostClearly.com
██ HostClearly Web Hosting
██ #WeAreYourBussinessPartner
██ Shared, Reseller, and VPS Hosting since 2010!
-
11-16-2013, 12:45 PM #13Junior Guru
- Join Date
- Sep 2010
- Posts
- 208
Re: Sites hacked!
What you expect from joomla? Forget joomla. Go for WordPress.
-
11-16-2013, 03:47 PM #14New Member
- Join Date
- Nov 2013
- Posts
- 4
One more thing that can make your website more vulnerable is the plug-ins you have installed.
Keep your Joomla system updated, and check your plugins list (if there is anything there which you didn't intend to install, remove it).
-
11-16-2013, 04:38 PM #15Aspiring Evangelist
- Join Date
- Jul 2010
- Location
- Bogotá, Colombia.
- Posts
- 368
But 2.5.16 is the latest stable version for 1.x and 2.x versions released just a few weeks ago
http://www.joomla.org/announcements/...-released.html
-
11-17-2013, 05:09 AM #16NetDynamics LLC - One-stop Solution for Hosting Needs
We love Backups! Backup storage for your server backups
-
11-17-2013, 08:33 AM #17Disabled
- Join Date
- Aug 2006
- Location
- Bangalore
- Posts
- 385
-
11-17-2013, 09:45 AM #18Aspiring Evangelist
- Join Date
- Jul 2010
- Location
- Bogotá, Colombia.
- Posts
- 368
While it would be 99% more secure, nothing is 100% safe (for me only Universal physic laws and Death are )
One example: http://jeremiahgrossman.blogspot.com...-our-turn.html
--
Your site can be attacked from another source, a vulnerable web-server or control panel, services that require credentials (ssh, ftp), even your domain provider or a network infrastructure issue... so even if you have a static website there's a risk...
There are many methods to attack a site, for the ones you ask, I'd say they are related to XSS and SQL injection... here you can see a list of the most common methods and the explanation for one of them: http://www.acunetix.com/websitesecur...ite-scripting/
-
11-17-2013, 10:43 AM #19Junior Guru Wannabe
- Join Date
- Apr 2013
- Posts
- 90
look like that attackers attacked your joomla sites through symlink. in that case, you should take following security measures:
1- Ask you hosting company to install apache symlink protection.
2- change joomla configuration file permissions to 400.
3- change htaccess file permission to to 404.
4- remove all vulnerable and nulled plugins.
5- use latest version of joomla
-
11-17-2013, 11:04 AM #20Disabled
- Join Date
- Aug 2006
- Location
- Bangalore
- Posts
- 385
-
11-17-2013, 12:47 PM #21Web Hosting Master
- Join Date
- Dec 2010
- Posts
- 694
Vtechph offers good information. Something that will also help you out is go into your global configuration settings and make sure restrict uploads is checked. Make sure you restrict gif, php , files from being uploaded. As a matter of fact just leave your common images like jpg,png and such only allowed to be uploaded.
Most of what you will see with Joomla is .gif and files like image.php will be uploaded to the images folder and the other folders under images.█| Buzy Bee Hosting, LLC★sales@bzybhosting.com★Dedicated★KVM VPS★
█| Self/Fully Managed★ Shared Hosting★cPanelŽ★ 99.9% uptime★
█| Softaculous★ CMS hosting★ SSL Certs★ Idera CDP Backup, FTP Backup
Similar Threads
-
What are you doing about all the WP sites getting hacked?
By Montobhan in forum Web Design and ContentReplies: 36Last Post: 10-11-2013, 10:16 AM -
Customer sites hacked on regular basis due to laziness to maintain their own sites
By piccolo in forum Hosting Security and TechnologyReplies: 12Last Post: 11-29-2011, 02:35 PM -
Sites getting hacked help!
By klair_di_sardari in forum Hosting Security and TechnologyReplies: 3Last Post: 04-14-2010, 12:39 PM -
My RZ sites hacked!
By lindmar in forum Reseller HostingReplies: 16Last Post: 07-29-2006, 09:50 PM -
Sites Hacked
By idolhost in forum Web HostingReplies: 17Last Post: 07-27-2003, 05:35 AM