On my server I have around 100 domains with Joomla sites on them. Last week all the new Joomla 1.5 sites got hacked simultaneously with an HTML page, and they have now changed things so I can't enter the sites even if I change the admin password in MySQL.
On some of the sites I am getting an XSS script warning when trying to upload JPG pictures.
I have looked over the modules and all are updated, and those I don't use are not installed or have been removed.
My web host states it was hacked through the Joomla site, not through FTP or access to my web hosting account.
But all the old Joomla sites are working fine.
Any tips on how to make Joomla more secure?
Pardon the bad English grammar. Write a guide, please.
Well, I remember a tutorial somewhere, but cannot find it. It has a lot to do with the .htaccess file. If you have a static IP you can block other IPs from entering the admin panel. Also, you can stop certain scripts/codes.
If/when I find them, I will PM you with it. For now you can refer to the above as well as the RT forums. There is a tutorial. Just search.
Apache Version 2.2.14 (Unix) | PHP Version 5.2.12 | MySQL Version 5.1.43-log | Architecture x86_64 | OS Linux | Joomla Version 1.5.20 | pHpBB v3.0.7-PL1 | Firefox v3.6.8 | Internet Explorer 8 |
About 7 of my Joomla sites were hacked by "SecurityBus" about a week ago. The current sites were up to date, but there was an old 1.0 site in a sub-folder that I'd forgotten about that gave access to my account, and once in, all the other sites could be attacked.
I thought I'd fixed everything - but 2 days later a phishing site was discovered by Google and my webhost on my account - and my entire account was suspended. So beware! Apart from the distracting hassle of all the index.php pages being altered and passwords being changed, something really nasty may be hidden in an obscure folder somewhere on your account.
After being hacked on a lesser scale 18 months ago, I always set up the third account on the site as a fallback super-admin account as it is usually the first admin account that gets attacked, and this way you can still get into your site and just delete the first admin account.
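The last post describes a forgotten 1.0 install in a sub-folder and content hidden in an obscure folder. The shell functions below are an added example, not part of any post in the thread: they inventory every Joomla install under an account, pick out the ones on a different release from the one you maintain, and list recently changed web files. The function names are hypothetical, and the version-file locations (`includes/version.php` for 1.0, `libraries/joomla/version.php` for 1.5) are an assumption about those releases.

```shell
#!/bin/sh
# Added example (not from the thread): audit a hosting account for forgotten
# Joomla installs and recently changed web files.
# Assumption: Joomla 1.0 keeps its version in includes/version.php and
# Joomla 1.5 in libraries/joomla/version.php, as $RELEASE and $DEV_LEVEL.

# Extract the quoted value assigned to PHP variable $2 in file $1.
php_var() {
    sed -n "s/.*\$$2[[:space:]]*=[[:space:]]*'\([^']*\)'.*/\1/p" "$1" | head -n 1
}

# Print "<version><TAB><site root>" for every Joomla install below $1.
joomla_inventory() {
    find "$1" -type f \( -path '*/includes/version.php' \
        -o -path '*/libraries/joomla/version.php' \) 2>/dev/null |
    while IFS= read -r vf; do
        rel=$(php_var "$vf" RELEASE)
        dev=$(php_var "$vf" DEV_LEVEL)
        [ -n "$rel" ] || continue   # some other application's version.php
        case $vf in
            */libraries/joomla/version.php) site=${vf%/libraries/joomla/version.php} ;;
            *) site=${vf%/includes/version.php} ;;
        esac
        printf '%s.%s\t%s\n' "$rel" "${dev:-?}" "$site"
    done
}

# Installs whose release differs from the one you maintain ($2, e.g. 1.5):
# a forgotten copy in a sub-folder shows up here.
forgotten_installs() {
    joomla_inventory "$1" | awk -F '\t' -v cur="$2" 'index($1, cur ".") != 1'
}

# Served or executable web files modified within the last $2 days.
recent_web_files() {
    find "$1" -type f \( -name '*.php' -o -name '*.htm*' -o -name '.htaccess' \) \
        -mtime -"$2" 2>/dev/null
}
```

Modification times can be reset by whoever altered the files, so an empty `recent_web_files` result does not prove the account is clean; compare against a known-good backup as well.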