The Joomla! Forum ™

Download

Demo


Board index » Joomla! Older Version Support » Joomla! 1.5 » Security in Joomla! 1.5

Forum rules


Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.



Post new topic Reply to topic  Page 1 of 1
  [ 3 posts ] 
  Print view Previous topic | Next topic 
Author Message
akfirsttry
 Post subject: Joomla hacked
PostPosted: Mon Apr 16, 2012 1:25 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Fri Feb 06, 2009 5:58 am
Posts: 13
Hello..i have this site http://www.desertartsindia .com . Recently i realised that i cannot login into the administrator area. It doesn't give me the login screen. Also when i type my domain in google and when i click on the link through google it takes me on to some other website. I found out that it is something known as url hijack. Is there a way i can restore my website since i don't have the original backup and can get my google link fixed too? I would appreciate any kind of help i could get


Last edited by mandville on Mon Apr 16, 2012 3:54 pm, edited 2 times in total.
Moved the topic from the forum Administration 1.5 to the forum Security in 1.5


Top
 Profile  
 
mandville
 Post subject: Re: Joomla hacked
PostPosted: Mon Apr 16, 2012 3:58 pm 
User avatar
Joomla! Master
Joomla! Master

Joined: Mon Mar 20, 2006 1:56 am
Posts: 11629
Location: The Girly Side of Joomla in Sussex
see this and action viewtopic.php?f=432&t=475313
see this viewtopic.php?f=432&t=705216

_________________
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be added to the foe list and possibly just deleted
{Community.Connect Administrator }{ Showcase & Security Moderator}
Top
 Profile  
 
PhilD
 Post subject: Re: Joomla hacked
PostPosted: Sun Apr 22, 2012 5:32 pm 
User avatar
Joomla! Hero
Joomla! Hero

Joined: Sat Oct 21, 2006 10:20 pm
Posts: 2694
Location: Wisconsin USA
Your website is still actively hacked and still contains active hack code. It also contains conditional redirects and actively tries to attack visitors meeting certain criteria and contains many links to malware sites. I also think your Joomla install is out of date and probably also your extensions and templates are also out of date.

It has been 6 days since you first posted about the issue and probably longer since it was hacked. I would bet it is not long before Google and other search engines blacklist the site.

I would suggest you immediately take the site offline and properly clean the domain and site by following what is posted below:


Suggested Website/Domain Hack Recovery Steps - PhilD wrote:

It is suggested to do all of the following. Failure to follow the suggestions below may leave your site vulnerable to being hacked again in the future.

You must state what version of Joomla you were using when when the site became hacked.

[ ] Run the Forum Post Assistant / FPA Instructions available here and are also included in the download package.

[ ] Ensure you have the latest version of Joomla. Delete all files in your Joomla installation, saving a copy of the configuration.php file. Replace the deleted files with fresh copies of a current full version of Joomla (minus the installation directory), and fresh copies of extensions and templates used. Upload the copy of your configuration file. Only by replacing all files in the installation (including extensions and templates) can you be sure to remove the backdoors inserted and hidden in files and directories More detail can be found in the security Checklist 7 link below.

[ ] Review Vulnerable Extensions List

[ ] Review and action Security Checklist 7 to make sure you've gone through all of the steps.

[ ] Scan all machines with FTP, Joomla super admin, and Joomla admin access for malware, virus, trojans, spyware, etc.

[ ] Change all passwords and if possible user names for the website host control panel and your Joomla site.

[ ] Use proper permissions on files and directories. They should never be 777, ideal is 644 and 755 and 444 for the configuration.php file.

[ ] Check your htaccess for for any odd code (i.e. code which is not in the standard htaccess supplied as part of the Joomla installation).

[ ] Check the crontab or Task Scheduler for unexpected jobs/tasks.

[ ] Ensure you do not have anonymous ftp enabled

Note: The forum post tool will work with 1.0.x, J1.6.x, J1.7.x, 2.5.x versions of Joomla.

_________________
PhilD -- Unrequested PM's and/or emails may not get a response.
Security Moderator
Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 3 posts ] 


Board index » Joomla! Older Version Support » Joomla! 1.5 » Security in Joomla! 1.5

Who is online

Users browsing this forum: khaled_whisper and 14 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group