JoomlaCode.org Website Hacked - Blocked by LiquidWeb
-
- Joomla! Fledgling
- Posts: 1
- Joined: Wed Oct 16, 2013 1:25 am
JoomlaCode.org Website Hacked - Blocked by LiquidWeb
We are a small hosting company that recently started migrating several Joomla account over to a LiquidWeb dedicated server, only to learn that LiquidWeb is blocking outbound access to JOOMLACODE.ORG because it is listed on the http://www.malwaredomains.com/ website - apparently a fairly reputable source for disingenuous websites.
Obviously JoomlaCode.org is a reputable and necessary site for Joomla run websites, however LiquidWeb is accurate when stating that the site has been compromised. According to a scan performed by urlquery.net there are several /user/ pages that have some TDR on-screen javascript exploit. Example:
http://urlquery.net/report.php?id=6716170
Joomla Team - Please fix or just disable the /user/ section of joomlacode.org - let the site be solely dedicated to updates. I assume that LiquidWeb is not the only ones that are blindly following lists like that found on malwaredomains.com.
Thank you in advance.
Obviously JoomlaCode.org is a reputable and necessary site for Joomla run websites, however LiquidWeb is accurate when stating that the site has been compromised. According to a scan performed by urlquery.net there are several /user/ pages that have some TDR on-screen javascript exploit. Example:
http://urlquery.net/report.php?id=6716170
Joomla Team - Please fix or just disable the /user/ section of joomlacode.org - let the site be solely dedicated to updates. I assume that LiquidWeb is not the only ones that are blindly following lists like that found on malwaredomains.com.
Thank you in advance.
Last edited by ChiefGoFor on Wed Oct 23, 2013 1:52 am, edited 2 times in total.
Reason: Moved the topic from the forum Security in Joomla! 2.5 to the forum JoomlaCode.org
Reason: Moved the topic from the forum Security in Joomla! 2.5 to the forum JoomlaCode.org
- alikon
- Joomla! Champion
- Posts: 5941
- Joined: Fri Aug 19, 2005 10:46 am
- Location: Roma
- Contact:
Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb
recently i've experience quite the same with a cisco software wich block JoomlaCode.org
- ChiefGoFor
- Joomla! Champion
- Posts: 5614
- Joined: Tue Sep 13, 2005 12:22 am
- Location: Omaha, Nebraska, USA
- Contact:
Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb
Thank you for reporting this. This issue was corrected on Friday. The offending file was removed and the user was suspended.
Thank you again!
Thank you again!
Joomla! ...because open source matters
"Try to answer two questions for every one question you ask." - Me
"Try to answer two questions for every one question you ask." - Me
- alikon
- Joomla! Champion
- Posts: 5941
- Joined: Fri Aug 19, 2005 10:46 am
- Location: Roma
- Contact:
Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb
can confirm now no more blocked
- ChiefGoFor
- Joomla! Champion
- Posts: 5614
- Joined: Tue Sep 13, 2005 12:22 am
- Location: Omaha, Nebraska, USA
- Contact:
Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb
Thank you!
I marked the first post in this thread as solved.
I marked the first post in this thread as solved.
Joomla! ...because open source matters
"Try to answer two questions for every one question you ask." - Me
"Try to answer two questions for every one question you ask." - Me
- essiele
- Joomla! Enthusiast
- Posts: 100
- Joined: Mon Oct 03, 2011 9:52 am
Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb
Kenneth and Alikon,
I'm afraid the website has again been hacked, as I am getting a message on my screen that it's blocked due to possible malware.
I'm afraid the website has again been hacked, as I am getting a message on my screen that it's blocked due to possible malware.
Ess'iele
... seeing things.
... seeing things.
- ChiefGoFor
- Joomla! Champion
- Posts: 5614
- Joined: Tue Sep 13, 2005 12:22 am
- Location: Omaha, Nebraska, USA
- Contact:
Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb
Ess'iele,
I'm not sure about the copy of Joomla on cNet. We can not guarantee the integrity of those files.
That said, the notice that you are getting has to do with a file that a user uploaded to JoomlaCode and was not part of the Joomla package.
Example:
Let's say that you wanted to create an extension. You could create an account on JoomlaCode and use it to distribute your files. Let's say that you decide to upload a file that redirects users to a some website that sells pharmaceuticals. That would be a file within your JoomlaCode account. It would not affect the integrity of Joomla's files nor the files belonging to other users.
That is exactly what happened here. Unfortunately, the software you mentioned (Comodo) is unable to see the difference. Where where they site, it is all the same site.
The file has been removed and the offending user has been banned from JoomlaCode.
I hope that makes sense and helps others understand what happened.
I'm not sure about the copy of Joomla on cNet. We can not guarantee the integrity of those files.
That said, the notice that you are getting has to do with a file that a user uploaded to JoomlaCode and was not part of the Joomla package.
Example:
Let's say that you wanted to create an extension. You could create an account on JoomlaCode and use it to distribute your files. Let's say that you decide to upload a file that redirects users to a some website that sells pharmaceuticals. That would be a file within your JoomlaCode account. It would not affect the integrity of Joomla's files nor the files belonging to other users.
That is exactly what happened here. Unfortunately, the software you mentioned (Comodo) is unable to see the difference. Where where they site, it is all the same site.
The file has been removed and the offending user has been banned from JoomlaCode.
I hope that makes sense and helps others understand what happened.
Joomla! ...because open source matters
"Try to answer two questions for every one question you ask." - Me
"Try to answer two questions for every one question you ask." - Me
- essiele
- Joomla! Enthusiast
- Posts: 100
- Joined: Mon Oct 03, 2011 9:52 am
Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb
Many thanks for the explanation, KC. It's very much appreciated.
Regards,
Ess
Regards,
Ess
Ess'iele
... seeing things.
... seeing things.
-
- Joomla! Explorer
- Posts: 292
- Joined: Wed Mar 14, 2012 10:25 am
- Location: Randers, Denmark
Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb
LiquidWeb has once again blocked joomlacode.org.
LiquidWeb wrote:Right now we have this domain resolving to this IP for security measures. This is why there is a difference in the IPs. The site joomlacode.org right now is listed at :
http://www.malwaredomains.com/
It has been known to spread malware and possibly infect machines. As a security measure we use lists at a few locations to protect customer from known attack vectors.
Saludos,
Alain
Alain