RocketTheme - TOPIC: Gantry a security risk?

Welcome Guest! Login

0 items Join Now

- studio673
- Sr. Rocketeer
- Posts: 160
- Thanks: 0
Gantry a security risk?

Posted 13 years 8 months ago
- Anyone know of attacks to the Gantry code?
  See attached pics.
  We were attacked and found this in the templates folder. Site is using Quantive 1.5xx.
  This image is hidden for guests.
  Please log in or register to see it.
  
  This image is hidden for guests.
  Please log in or register to see it.
#691661
- Andy Miller
- Preeminent Rocketeer
- Posts: 9919
- Thanks: 96
- Web Kahuna
Re: Gantry a security risk?

Posted 13 years 8 months ago
- We don't know of any security vulnerabilities in Gantry. I'm not sure what the issue is based on your screenshots. What was found that you feel is not correct? The first image shows firebug which is the output from a rendered page, and the second screenshot is just the first line of a php file?
#691668
- Andy Miller
- Preeminent Rocketeer
- Posts: 9919
- Thanks: 96
- Web Kahuna
Re: Gantry a security risk?

Posted 13 years 8 months ago
- We don't know of any security vulnerabilities in Gantry. I'm not sure what the issue is based on your screenshots. What was found that you feel is not correct? The first image shows firebug which is the output from a rendered page, and the second screenshot is just the first line of a php file?
#691669
- studio673
- Sr. Rocketeer
- Posts: 160
- Thanks: 0
Re: Gantry a security risk?

Posted 13 years 8 months ago
- Andy Miller wrote:
  We don't know of any security vulnerabilities in Gantry. I'm not sure what the issue is based on your screenshots. What was found that you feel is not correct? The first image shows firebug which is the output from a rendered page, and the second screenshot is just the first line of a php file?
  You will see that there are url's and other information that shouldn't be there - apparently they link to porn sites. It looks Russian or eastern european and mentions the word porno. Not something I would have put in there!
  The second screenshot is the path to the file that was hacked.
  I went into the Template manager and selected the edit HTML file which happens to be the file that was hacked and deleted the lines. I was tipped off by a University IT person that happened to visit our site.
  The question is how could they hack into this file that is sitting in the Templates folders associated with Quantive and Gantry?
  
  I have updated to the latest Gantry version as a precaution in any case.
  
  Any ideas would be more than welcome. This is a school site.
#691677
- Henning
- Preeminent Rocketeer
- Posts: 29362
- Thanks: 954
- Volunteer
Re: Gantry a security risk?

Posted 13 years 8 months ago
- Are you using latest Joomla?
  Also be sure to use always the latest versions of all 3rd party stuff.
  Probably 90% of all hacks are invited by stuff not being up to date.
#691685
- studio673
- Sr. Rocketeer
- Posts: 160
- Thanks: 0
Re: Gantry a security risk?

Posted 13 years 8 months ago
- Yes, I have updated virtually everything that needs updating. I suppose the key here is to minimise the use of 3rd party extensions other than those that come with the template, for instance, to stay safe. Still not sure whether the Akeeba update takes into account 1.5xx or has jumped to 1.6 and 1.7?
#691692
- Andy Miller
- Preeminent Rocketeer
- Posts: 9919
- Thanks: 96
- Web Kahuna
Re: Gantry a security risk?

Posted 13 years 8 months ago
- Really it is highly unlikely it's Gantry, the thing is that the template file is the one to hack to get stuff to show up on the website, so of course once a hacker has gotten access to your site, they will modify this file. That doesn't mean that this was the file, nor gantry in fact, was the cause. Usually it's related to 3rd party extensions that are poorly coded. Rule of thumb is to only use the minimum number of 3rd party extensions you can get away with, and rigorously keep those up to date. Also, on a live site, a good trick is to edit the permissions of the main joomla index.php, and also the template's index.php so they are readonly.
#691871
- Stephanie Schmidt
- Sr. Rocketeer
- Posts: 131
- Thanks: 0
- Developer
Re: Gantry a security risk?

Posted 13 years 8 months ago
- Akeeba Admin Tools will let you check and set the proper folder permissions very easily, and the core version is free. Also as a developer I have seen instances of infections not on the site but actually on the users computer. There are viral programs that record your logins and use those to hack your site and write to files exactly as you have on your site, so be sure that all admins have virus protection if they are using windows.
  Andy is absolutely correct that it is most likely not Gantry at all, just that the template files are one of the targets that shows to the outside world.
  There is also a vulnerable extension list located here: http://docs.joomla.org/Vulnerable_Extensions_List You can check to see if any of the extensions you are using have been reported as having vulnerabilities.
- Regards,
  Stephanie
#691973
- studio673
- Sr. Rocketeer
- Posts: 160
- Thanks: 0
Re: Gantry a security risk?

Posted 13 years 8 months ago
- You obviously live and learn with regards to security. Thanks to all for the feedback. It certainly helps paint a clearer picture...
#692202