0
Welcome Guest! Login
0 items Join Now

Strange Spam

Last Post
Search Topic

  • Re: Strange Spam

    Posted 15 years 1 month ago
    • I have something similar on one of my sites. If I search in Google for:islandchristianfellowship viagra, I get this for the site description:"cialis without prescription tramadol without prescription pain medications without a prescription prescription drugs without prescription viagra without prescription cheap tramadol ..."
      The site must of got hacked but I do not know what files to look for and remove.

      Andy said:"security measures in place to watch for any new/changes to files". What is the best way to do this?
      Any help would be appriciated. The site is at www.islandchristianfellowship.com
    #478411
    • Sam Lewis's Avatar
    • Sam Lewis
    • Jr. Rocketeer
    • Posts: 26
    • Thanks: 0

    Re: Strange Spam

    Posted 15 years 1 month ago
    • Monkey biz,

      Just a guess by looking at your site but check your xmlrpc directory for a file named satellite.php. Could be nothing but when I look at your site with FirePHP enabled I see TONS of spam links and then this error:

      Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home3/
      /public_html/xmlrpc/satellite.php:1486) in /home3/
      /public_html/libraries/joomla/session/session.php on line 423

      So it looks to me like that file satellite.php might have sent the headers generating those links. Tough to say though without seeing the code.
    • Sam Lewis
      Moxie Media, LLC

      GoMoxieMedia.com
    #478591
    • Andy Miller's Avatar
    • Andy Miller
    • Preeminent Rocketeer
    • Posts: 9919
    • Thanks: 96
    • Web Kahuna

    Re: Strange Spam

    Posted 15 years 1 month ago
    • You might want to check the components/com_content/content.php file, that's where we found some interesting things. Regarding security, we employ a very capable security/firewall script from www.configserver.com . It's for WHM/CPanel boxes, but is very configurable and does a good job overall.
    #478642

  • Re: Strange Spam

    Posted 15 years 1 month ago
    • Thanks for all the help. There was so much junk in the site I had to delete the site and restore a Joomlapack backup.
      From what I understand hackers can get in through some 3rd party extensions. Is that correct?
    #478923

Time to create page: 0.062 seconds