hacked headers in joomla
Moderator: General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
-
- Joomla! Apprentice
- Posts: 12
- Joined: Fri Feb 13, 2009 2:40 am
hacked headers in joomla
my website www community-boating .org currently has had it's headers overwritten by someone who apparently is sending out spam for tramadol. How can I go about figuring out if the hack was in a file or in the mysql DB? Any thoughts?
thanks!
Adam
thanks!
Adam
- Webdongle
- Joomla! Master
- Posts: 44088
- Joined: Sat Apr 05, 2008 9:58 pm
Re: hacked headers in joomla
By deleting all your files and replacing them with fresh ones like it says in http://forum.joomla.org/viewtopic.php?p ... 1#p1988191
I would keep the configuration.php
If you follow the instructions correctly then you will know if it was just in the files.
I would keep the configuration.php
If you follow the instructions correctly then you will know if it was just in the files.
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
-
- Joomla! Apprentice
- Posts: 12
- Joined: Fri Feb 13, 2009 2:40 am
Re: hacked headers in joomla
thanks, trying that, also doing a word search in the files. the weird thing is when I look at the source in firefox it looks clean, but to google the source is totally polluted with spam
- Webdongle
- Joomla! Master
- Posts: 44088
- Joined: Sat Apr 05, 2008 9:58 pm
Re: hacked headers in joomla
In FF
Tools >>> Web developer >> view source >>> view generated source
It will display things that ordinary view source misses.
Chances are that the database is clean. But your computer may well be infected. If it was not infected before the exploit it may well have got infected from the site after. Thus perpetuating a loop if you upload files (and or change passwords) before checking your computer.
Tools >>> Web developer >> view source >>> view generated source
It will display things that ordinary view source misses.
Chances are that the database is clean. But your computer may well be infected. If it was not infected before the exploit it may well have got infected from the site after. Thus perpetuating a loop if you upload files (and or change passwords) before checking your computer.
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
-
- Joomla! Apprentice
- Posts: 12
- Joined: Fri Feb 13, 2009 2:40 am
Re: hacked headers in joomla
thank you, restored from backup and am going to once again try to update to a slightly newer version of Joomla.
- Webdongle
- Joomla! Master
- Posts: 44088
- Joined: Sat Apr 05, 2008 9:58 pm
Re: hacked headers in joomla
So long as the backup has no infected files.
After deleting ALL the files on the server. You should have checked your computer. Then changed password. Then uploaded the files from a fresh download of Joomla.
After deleting ALL the files on the server. You should have checked your computer. Then changed password. Then uploaded the files from a fresh download of Joomla.
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
- leolam
- Joomla! Master
- Posts: 20652
- Joined: Mon Aug 29, 2005 10:17 am
- Location: Netherlands/ Germany/ S'pore/Bogor/ North America
- Contact:
Re: hacked headers in joomla
Slightly? You can only upgrade to one version and that is Joomla 1.5.23. All other versions below have security issuescbiadam wrote:try to update to a slightly newer version of Joomla.
Leo
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
-
- Joomla! Apprentice
- Posts: 12
- Joined: Fri Feb 13, 2009 2:40 am
Re: hacked headers in joomla
already at 1.5.23, i was thinking 1.7 but that is a reasonable undertaking... unfortunately.
- PhilD
- Joomla! Hero
- Posts: 2737
- Joined: Sat Oct 21, 2006 10:20 pm
- Location: Wisconsin USA
- Contact:
Re: hacked headers in joomla
There are many sites that are on 1.5.23 and need to stay there at least until the next major release is stable and the 3rd party extensions used on the site are updated to work with that stable major release.cbiadam wrote:already at 1.5.23, i was thinking 1.7 but that is a reasonable undertaking... unfortunately.
Also, to go from 1.5 to 1.6 or 1.7 and onwards, I believe there is a migration involved from the 1.5 platform (not an update) and many extensions do not yet work with 1.6/1.7 or beyond. If a site is new or going to be rebuilt from the ground up (including a new database) on a new platform then Versions of 1.6 should be skipped at this point in time and one should go directly to the latest 1.7.xx version.
PhilD