The Joomla! Forum ™

Download

Demo


Board index » Joomla! Older Version Support » Joomla! 1.5 » Security in Joomla! 1.5

Forum rules


Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.



Post new topic Reply to topic  Page 1 of 1
  [ 10 posts ] 
  Print view Previous topic | Next topic 
Author Message
dircavediver
PostPosted: Sat May 14, 2011 3:20 am 
Joomla! Apprentice
Joomla! Apprentice

Joined: Wed Sep 01, 2010 3:02 pm
Posts: 10
Hi,

My website that I spent a year on creating using Joomla 1.5 was hacked, the index.php file in the main http file system was altered to the hackers website and in administration file the index.php file changed. The hacker e mailed to boast about his hacking skills, although I suspect was due to my lack of knowledge on website security

Plugged in my external hard disk to up load my back up, and the disk has died, so no back up.. is there anyway to recreate these index.php files?

If not can i reinstall Joomla but somehow still save all my content and menu system?

Reading up on how to stop this happening again.

Any help would be greatly appreciated.
Top
 Profile  
 
Webdongle
PostPosted: Sat May 14, 2011 3:43 am 
User avatar
Joomla! Master
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
Obviously you read viewtopic.php?p=1988191#p1988191 before you posted ?

It gives detailed instructions on how to do what you asked. To summarise it:
  • Delete all the files on the sever
    The site info is stored in the database so you won't lose your work
    Perhaps download the configuration.php file to save a little time(but inspect it thoroughly).
  • Scan all PC's/Mac's (with server access) with every anti-virus/anti- malware program that you can
  • Change all your passwords
  • Upload the the unziped files of the latest full package, all except the /installation files
    (Or use the Host's CP file manager to upload the zip and unzip on the server. And delete the /installation folder).
  • Upload your configuration.php file and edit with the new password
  • Secure your site ... details are on the list see the above link
  • + much more

_________________
http://weblinksonline.co.uk/joomla-faq.html
Top
 Profile  
 
PhilD
PostPosted: Sat May 14, 2011 3:49 am 
User avatar
Joomla! Hero
Joomla! Hero

Joined: Sat Oct 21, 2006 10:20 pm
Posts: 2702
Location: Wisconsin USA
Start here:
http://docs.joomla.org/Security_Checkli ... ter_relief

_________________
PhilD -- Unrequested PM's and/or emails may not get a response.
Security Moderator
Top
 Profile  
 
dircavediver
PostPosted: Sat May 14, 2011 6:31 am 
Joomla! Apprentice
Joomla! Apprentice

Joined: Wed Sep 01, 2010 3:02 pm
Posts: 10
Thank you for your quick responses. Very helpful. Configuration.php file is no longer there, the hacker must have deleted that as well.

I Deleted all joomla files, re installed the latest version, deleted the installation directory, changed passwords etc, checked permssions. I have the configuration.php-dist but no configuration.php file. Is there anyway to rewrite the configuration.php file so I can get my content back?

Thank you for your help.
Top
 Profile  
 
dircavediver
PostPosted: Sat May 14, 2011 6:59 am 
Joomla! Apprentice
Joomla! Apprentice

Joined: Wed Sep 01, 2010 3:02 pm
Posts: 10
i am rewriting the configuration.php-dist file and then will save this as configuartion.php on my server. I am guessing that should work. The latest version of Joomla 1.6.3 didn't have the configuration.php dist file in the directory so using the old one form V.1.5.

Will this be okay?
Top
 Profile  
 
PhilD
PostPosted: Sat May 14, 2011 2:39 pm 
User avatar
Joomla! Hero
Joomla! Hero

Joined: Sat Oct 21, 2006 10:20 pm
Posts: 2702
Location: Wisconsin USA
You can certainly use the configuration.php-dist file, but you will have to add the required information to it in order for it to work with your site. The file will tell you what you need to know. It is commented well.

FYI - The 1.6 configuration.php-dist file is now in the installation directory, not at root level.

The 1.5 and 1.6 configuration.php-dist files have some differences, so use the one for your version.

****** Core Files from Joomla 1.6 can not be applied without doing a migration to a Joomla 1.5 site. The databases and files are all different.********

If you put the new 1.6 files in place of your 1.5 site it will not work as the database is incompatible. Remove all those files and put the current 1.5 version files on your site.

_________________
PhilD -- Unrequested PM's and/or emails may not get a response.
Security Moderator


Last edited by PhilD on Sat May 14, 2011 2:43 pm, edited 1 time in total.
added line for clarity


Top
 Profile  
 
dircavediver
PostPosted: Sat May 14, 2011 2:58 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Wed Sep 01, 2010 3:02 pm
Posts: 10
Problem solved- Thanks. Re-installed joomla as i was having problems re writing the configuration.php-dist file, and then just changed the new configuration.php file so that it used the old MySql database that was still on the system. So my site backup and running fine. I am working through updating all security. Many thanks for everyone's help.
Top
 Profile  
 
Webdongle
PostPosted: Sat May 14, 2011 3:40 pm 
User avatar
Joomla! Master
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
dircavediver wrote:
.....Re-installed joomla as i was having problems re writing the configuration.php-dist file, and then just changed the new configuration.php file so that it used the old MySql database that was still on the system. ....

That was going to be my next suggestion as you didn't save the original configuration.php.

Another suggestion
Take screenshots of the 3rd party extensions in your database, then you can edit the image to show which you have checked in VEL and which you have updated. It may also help you notice Tables for uninstalled extensions that never uninstalled correctly ? Just a thought.

_________________
http://weblinksonline.co.uk/joomla-faq.html
Top
 Profile  
 
dircavediver
PostPosted: Sun May 15, 2011 4:31 am 
Joomla! Apprentice
Joomla! Apprentice

Joined: Wed Sep 01, 2010 3:02 pm
Posts: 10
Webdongle, "what is checked in VEL"? I have reinstalled 3rd party modules no problem, was having a small problem with plugins on my site, as when I try and reinstall them through joomla it thinks they are already installed and are listed in the plugin list, obviously none of the files for the plugins are there. Do i need to reinstall them manually or can I delete the plugins joomla thinks are there somehow and then re-install them?
Top
 Profile  
 
Webdongle
PostPosted: Sun May 15, 2011 1:04 pm 
User avatar
Joomla! Master
Joomla! Master

Joined: Sat Apr 05, 2008 9:58 pm
Posts: 23363
Location: @Webdongle
The VEL list is the Vulnerable Extensions List the link is in the 'Read this before you post.

If plugins are complaining when you install them there is one of two things you can do
Unzip locally and ftp to the correct place(s)
Drop the database Tables for those plugins BACK UP the database first(probably not the easiest option).

_________________
http://weblinksonline.co.uk/joomla-faq.html
Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 10 posts ] 


Board index » Joomla! Older Version Support » Joomla! 1.5 » Security in Joomla! 1.5

Who is online

Users browsing this forum: No registered users and 10 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group