
Joomla Hacked, Annoyed yet?

  • Re: Joomla Hacked, Annoyed yet?

    Posted 16 years 9 months ago
    • I was hacked via 'mod_as_category.php', which is an AutoStand module, but I don't have AutoStand and never installed it. Somehow they got administrator access to the backend and installed the module, then hacked the whole site.

      xforce.iss.net/xforce/xfdb/33660
    • VirtueShop
    • CG Icon
    • Hero Rocketeer
    • Posts: 371
    • Thanks: 0

    Re: Joomla Hacked, Annoyed yet?

    Posted 16 years 9 months ago
    • Sorry man...

      I do not and never have understood the hack and the mentality behind it and why a person would find some purpose in destroying another person's art, work and livelihood ........... sickening
    • Chris S
    • Hero Rocketeer
    • Posts: 292
    • Thanks: 0

    Re: Joomla Hacked, Annoyed yet?

    Posted 16 years 9 months ago
    • I monitored several Hack-Attempts at my sites - however, they all failed due to secure permissions and SELinux blocking Intrusion-Attempts ;)
    • Robert W
    • Elite Rocketeer
    • Posts: 815
    • Thanks: 0
    • IT

    Re: Joomla Hacked, Annoyed yet?

    Posted 16 years 9 months ago
    • I know there was a component you could run that would check your security vulnerability but I can't think of the name of it or the guy who created it. I know his avatar in the Joomla forums had him w/ a cowboy hat and a red clown nose.

      Ring a bell anyone?
    • Bob Ateah
    • Elite Rocketeer
    • Posts: 4521
    • Thanks: 0

    Re: Joomla Hacked, Annoyed yet?

    Posted 16 years 9 months ago
    • Robert Wade wrote:
      I know there was a component you could run that would check your security vulnerability but I can't think of the name of it or the guy who created it. I know his avatar in the Joomla forums had him w/ a cowboy hat and a red clown nose.

      Ring a bell anyone?

      Is that JTS (Joomla Tool Suite) that you are referring to, pal, or maybe HISA?
    • The member formerly known as Roland Deschain
      After your question is solved, please Edit your original post and choose the Solved message icon, thank you!
    • GollumX
    • Elite Rocketeer
    • Posts: 2817
    • Thanks: 0

    Re: Joomla Hacked, Annoyed yet?

    Posted 16 years 9 months ago
    • 1.) Check vulnerable extensions list before installing any unfamiliar extension.
      2.) Keep Joomla and extensions up to date.
      3.) Find a host with phpSUexec. (...and say bye bye to permissions problems)
      4.) If on VPS or dedicated, install Configserver firewall. (get a high score on their fun security checklist.. I have 91/92.. with the 1 being a nobody cron file I prefer to leave as is ;) )
      5.) Use a unique and Strong password for every instance (Don't use the same password for cpanel, db, your PC, joomla admin, internet banking, paypal, and findasoulmate.ru)
      6.) If on VPS or Dedicated, turn off the ability to log on directly as root. wheel group user > root. Even better, use pubkey authentication (no passwords).
      7.) If on VPS or Dedicated, turn off SSH1, change port for SSH2 to a nonstandard one.
      8.) If on VPS or dedicated, install and properly configure mod_security 2**
      9.) Keep your PC antivirus software and firewall up to date. (Esp. if using password storage features like the ones built into your browser.)
      10.) Don't download and/or install either on your server or PC any software or scripts obtained from dubious sources. (Stay away from warez, including pirated joomla extensions and templates)

      Anyone on a reseller (shared hosting) with 10, 20, 100 customers should increase your hosting charge by $1 or $2/month and move to a VPS or Dedi. Have a simple spreadsheet listing your sites in the first column and the extensions in the top row. Allocate one day per month to updating everything. Check for new versions of each extension and update the sites that run it. Update apache, cpanel/plesk including all other scripts on the server. It'll take a whole day, but pass that cost on to the clients.

      If you have a site with Joomla + a heavily hacked VM like me.. all is not lost. There is always hope. I find my Christian faith gives me solace. If I pray hard enough and sin as little as possible... the good lord will protect me from them script kiddies. My colleagues report beer works well too.... the more you drink, the more invincible you and your server become. "you want a piece of me?!! huh?? well?! do ya?.. do ya do ya??!!" (Dory vs Marlin; Finding Nemo)
    • Say no to Internet Explorer 6.
      twitter.com/mark_up
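
Items 6 and 7 of the checklist above map to a handful of `sshd_config` keywords. The following Python audit is an added example, not part of the original post: it reads a config the way sshd does (first occurrence of a keyword wins) and reports which of those items are still open. It assumes an absent keyword takes its weakest historical default, does not evaluate `Match` blocks or `Include` files, and uses constructed sample configs.

```python
import re

# Assumption: an absent keyword is treated as its weakest historical default.
WEAK_DEFAULTS = {"permitrootlogin": "yes", "passwordauthentication": "yes",
                 "pubkeyauthentication": "yes", "protocol": "2,1"}

def effective_settings(config_text):
    """Global-section settings as sshd reads them: first occurrence wins."""
    settings, ports = {}, []
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        value = parts[1].strip().lower() if len(parts) > 1 else ""
        if key == "match":          # Match blocks are conditional; not evaluated here
            break
        if key == "port":           # Port may repeat; sshd listens on every one
            ports.append(value)
        else:
            settings.setdefault(key, value)
    settings["port"] = ports or ["22"]
    return settings

def audit(config_text):
    """Return (keyword, problem) pairs for checklist items 6 and 7."""
    s = {**WEAK_DEFAULTS, **effective_settings(config_text)}
    findings = []
    if s["permitrootlogin"] != "no":
        findings.append(("PermitRootLogin", "direct root login still possible"))
    if s["pubkeyauthentication"] != "yes":
        findings.append(("PubkeyAuthentication", "public-key login is disabled"))
    if s["passwordauthentication"] != "no":
        findings.append(("PasswordAuthentication", "password login still accepted"))
    if "1" in [p.strip() for p in s["protocol"].split(",")]:
        findings.append(("Protocol", "SSH protocol 1 still enabled"))
    if "22" in s["port"]:
        findings.append(("Port", "listening on the standard port 22"))
    return findings

# Constructed samples, not taken from any real server.
LEGACY = "Protocol 2,1\nPermitRootLogin yes\nPasswordAuthentication yes\n"
HARDENED = ("Port 2222\nProtocol 2\nPermitRootLogin no\n"
            "PubkeyAuthentication yes\nPasswordAuthentication no\n")
# A hardened line appended below an existing one has no effect: first wins.
APPENDED = HARDENED.replace("PermitRootLogin no", "PermitRootLogin yes") + "PermitRootLogin no\n"

if __name__ == "__main__":
    for name, cfg in (("legacy", LEGACY), ("hardened", HARDENED), ("appended", APPENDED)):
        print(name, audit(cfg))
```

The `APPENDED` case is the one to watch when editing a live file: adding `PermitRootLogin no` at the bottom changes nothing if an earlier `PermitRootLogin yes` is still present.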
    • Joe K
    • Elite Rocketeer
    • Posts: 902
    • Thanks: 0

    Re: Joomla Hacked, Annoyed yet?

    Posted 16 years 9 months ago
    • 3.) Find a host with phpSUexec. (...and say bye bye to permissions problems)
      4.) If on VPS or dedicated, install Configserver firewall. (get a high score on their fun security checklist.. I have 91/92.. with the 1 being a nobody cron file I prefer to leave as is ;) )
      6.) If on VPS or Dedicated, turn off the ability to log on directly as root. wheel group user > root. Even better, use pubkey authentication (no passwords).
      7.) If on VPS or Dedicated, turn off SSH1, change port for SSH2 to a nonstandard one.
      8.) If on VPS or dedicated, install and properly configure mod_security 2**

      So where do I write a check to get these done to my VPS?
    • GollumX
    • Elite Rocketeer
    • Posts: 2817
    • Thanks: 0

    Re: Joomla Hacked, Annoyed yet?

    Posted 16 years 9 months ago
    • Heya Joe :)

      If I had the time, I could do it for you FOC (cept for mod_security configuration, which I haven't mastered) As is, I just have way way too much on my plate sorry :(

      There are tutorials to be found on forums everywhere about how to do them all, and you'll be at an advantage if you learn how to do it yourself. Google is your friend. Else...

      No.3 your host can do for you. They'll re-build Apache with the necessary changes.
      The rest I think are covered by Jonathan (aka Chirpy) with his Cpanel Service Package ($100) www.configserver.com/cp/cpanel.html
    • Say no to Internet Explorer 6.
      twitter.com/mark_up
    • damo
    • Elite Rocketeer
    • Posts: 2142
    • Thanks: 0

    Re: Joomla Hacked, Annoyed yet?

    Posted 16 years 9 months ago
    • Joe K wrote:
      3.) Find a host with phpSUexec. (...and say bye bye to permissions problems)
      4.) If on VPS or dedicated, install Configserver firewall. (get a high score on their fun security checklist.. I have 91/92.. with the 1 being a nobody cron file I prefer to leave as is ;) )
      6.) If on VPS or Dedicated, turn off the ability to log on directly as root. wheel group user > root. Even better, use pubkey authentication (no passwords).
      7.) If on VPS or Dedicated, turn off SSH1, change port for SSH2 to a nonstandard one.
      8.) If on VPS or dedicated, install and properly configure mod_security 2**

      So where do I write a check to get these done to my VPS?

      joe - my vps host pretty much did all that for me ;)

      otherwise - just get yourself a dedicated server and use these guys:
      www.platinumservermanagement.com/
    • www.c3p0.se - sweden
    • Joe Halleck
    • Preeminent Rocketeer
    • Posts: 5480
    • Thanks: 67
    • Never give up!

    Re: Joomla Hacked, Annoyed yet?

    Posted 16 years 9 months ago
    • I use ServInt for my vps provider.
      Great service, reasonable pricing and great performance.
      Mention my name if you sign up!

      www.servint.com
    • Magento - phpBB3 - Kunena - RokBridge Specialist
      No Secure Tab posts unless requested.
      Use the Thank You and Life Preserver Buttons!
      Your signature is also great place for setup details...help us help you!
