193.150.120.14 - - [26/Apr/2014:00:46:24 +0300] "GET /index.php/frontpage HTTP/1.1" 200 20020 "http://www.replica-club.ru/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
The spam sites seem to be tied to /index.php/frontpage. There are roughly 20-30 of these kinds of sites logged each day. Any idea where should I even begin to fix the issue?
Here's the FPA data:
Forum Post Assistant (v1.2.4) : 16th May 2014 wrote:Basic Environment :: wrote:Joomla! Instance :: Joomla! 1.7.5-Stable (Ember) 02-Feb-2012
Joomla! Platform :: Joomla Platform 11.2.0-Stable+Modified (Omar) 27-Jul-2011
Joomla! Configured :: Yes | Writable (644) | Owner: lentiira (uid: 1/gid: 1) | Group: lentiira (gid: 1) | Valid For: 1.7
Configuration Options :: Offline: 0 | SEF: 1 | SEF Suffix: 0 | SEF ReWrite: 0 | .htaccess/web.config: Yes | GZip: 0 | Cache: 0 | FTP Layer: 0 | SSL: 0 | Error Reporting: default | Site Debug: 0 | Language Debug: 0 | Default Access: 1 | Unicode Slugs: 0 | Database Credentials Present: Yes
Host Configuration :: OS: Linux | OS Version: 3.2.0-23-generic | Technology: x86_64 | Web Server: Apache/2.4.2 (Unix) OpenSSL/0.9.8o | Encoding: gzip,deflate,sdch | Doc Root: /home/lentiira/public/html | System TMP Writable: Yes
PHP Configuration :: Version: 5.4.23 | PHP API: cgi-fcgi | Session Path Writable: No | Display Errors: | Error Reporting: 32767 | Log Errors To: | Last Known Error: | Register Globals: | Magic Quotes: | Safe Mode: | Open Base: /tmp:/home/lentiira:/local/nullmailer | Uploads: 1 | Max. Upload Size: 64M | Max. POST Size: 64M | Max. Input Time: -1 | Max. Execution Time: 30 | Memory Limit: 64M
MySQL Configuration :: Version: 5.1.65 (Client:mysqlnd 5.0.10 - 20111026 - $Id: e707c415db32080b3752b232487a435ee0372157 $) | Host: --protected-- (--protected--) | Collation: latin1_swedish_ci (Character Set: latin1) | Database Size: 3.83 MiB | #of Tables: 49Detailed Environment :: wrote:PHP Extensions :: Core (5.4.23) | date (5.4.23) | ereg () | libxml () | openssl () | pcre () | sqlite3 (0.7) | zlib (2.0) | ctype () | curl () | dom (20031129) | fileinfo (1.0.5) | filter (0.11.0) | ftp () | gd () | gettext () | hash (1.0) | iconv () | json (1.2.1) | mbstring () | mcrypt () | SPL (0.2) | session () | PDO (1.0.4dev) | standard (5.4.23) | pdo_sqlite (1.0.1) | Phar (2.0.1) | posix () | Reflection ($Id: c4a7c554f00da47fe9cff384d18c532a1a959dff $) | mysqlnd (mysqlnd 5.0.10 - 20111026 - $Id: e707c415db32080b3752b232487a435ee0372157 $) | SimpleXML (0.1) | pdo_mysql (1.0.2) | mysqli (0.1) | tokenizer (0.1) | xml () | xmlreader (0.1) | xmlwriter (0.1) | xsl (0.1) | zip (1.11.0) | mysql (1.0) | cgi-fcgi () | Zend Engine (2.4.0) |
Potential Missing Extensions :: suhosin |
Switch User Environment (Experimental) :: PHP CGI: Yes | Server SU: No | PHP SU: Yes | Custom SU (LiteSpeed/Cloud/Grid): Yes
Potential Ownership Issues: NoFolder Permissions :: wrote:Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |
Elevated Permissions (First 10) :: images/swmenu/ (757) | modules/mod_swmenupro/ (757) | modules/mod_swmenupro/cache/ (757) | modules/mod_swmenupro/fonts/ (757) | modules/mod_swmenupro/images/ (757) | modules/mod_swmenupro/images/arrows/ (757) | modules/mod_swmenupro/images/superfish/ (757) | modules/mod_swmenupro/images/transmenu/ (757) | modules/mod_swmenupro/images/tree_icons/ (757) | modules/mod_swmenupro/styles/ (757) |Extensions Discovered :: wrote:Components :: SITE :: com_wrapper (1.7.0) | WF_AGGREGATOR_VIMEO_TITLE (2.0.20) | WF_AGGREGATOR_[youtube]_TITLE (2.0.20) | WF_POPUPS_WINDOW_TITLE (2.0.20) | WF_POPUPS_JCEMEDIABOX_TITLE (2.0.20) | WF_FILESYSTEM_JOOMLA_TITLE (2.0.20) | WF_LINKS_JOOMLALINKS_TITLE (2.0.20) | WF_MEDIAPLAYER_JCEPLAYER_TITLE (2.0.20) | WF_TABLE_TITLE (2.0.20) | WF_CONTEXTMENU_TITLE (2.0.20) | WF_PREVIEW_TITLE (2.0.20) | WF_BROWSER_TITLE (2.0.20) | WF_FULLSCREEN_TITLE (2.0.20) | WF_IMGMANAGER_TITLE (2.0.20) | WF_SOURCE_TITLE (2.0.20) | WF_MEDIA_TITLE (2.0.20) | WF_VISUALCHARS_TITLE (2.0.20) | WF_ARTICLE_TITLE (2.0.20) | WF_CLEANUP_TITLE (2.0.20) | WF_LINK_TITLE (2.0.20) | WF_INLINEPOPUPS_TITLE (2.0.20) | WF_PRINT_TITLE (2.0.20) | WF_DIRECTIONALITY_TITLE (2.0.20) | WF_XHTMLXTRAS_TITLE (2.0.20) | WF_TEXTCASE_TITLE (2.0.20) | WF_SEARCHREPLACE_TITLE (2.0.20) | WF_STYLE_TITLE (2.0.20) | WF_PASTE_TITLE (2.0.20) | WF_LAYER_TITLE (2.0.20) | WF_NONBREAKING_TITLE (2.0.20) | WF_SPELLCHECKER_TITLE (2.0.20) | WF_AUTOSAVE_TITLE (2.0.20) | com_mailto (1.7.0) |
Components :: ADMIN :: COM_WEBFONTS (2.0.7) | com_installer (1.7.0) | com_menus (1.7.0) | 2J NewsSlider (2.0.2) | com_users (1.7.0) | com_admin (1.7.0) | Form To Mail (1.0.2) | com_cpanel (1.7.0) | com_search (1.7.0) | com_categories (1.7.0) | TwoJToolBox (1.0.11) | 2JToolBox Module (1.0.0) | plg_system_twojtoolbox (1.6.0) | plg_editors-xtd_twojtoolboxbut (1.0.0) | 2J Gallery (1.0.3) | com_content (1.7.0) | com_banners (1.7.0) | Unknown (-) | Editor - JCE (2.0.20) | JCE (2.0.20) | swMenuPro (8.5) | com_config (1.7.0) | com_newsfeeds (1.7.0) | com_media (1.7.0) | com_modules (1.7.0) | com_cache (1.7.0) | com_messages (1.7.0) | com_plugins (1.7.0) | com_login (1.7.0) | com_redirect (1.7.0) | com_checkin (1.7.0) | com_languages (1.7.0) | com_weblinks (1.7.0) | com_templates (1.7.0) |
Modules :: SITE :: mod_articles_archive (1.7.0) | mod_menu (1.7.0) | mod_users_latest (1.7.0) | mod_languages (1.7.0) | 2JToolBox Module (1.0.0) | mod_articles_latest (1.7.0) | mod_wrapper (1.7.0) | GoboSlide Pro (1.6.5) | mod_related_items (1.7.0) | mod_breadcrumbs (1.7.0) | mod_footer (1.7.0) | Form To Mail (1.0.0) | FXPreview (1.0) | mod_search (1.7.0) | mod_articles_categories (1.7.0) | mod_articles_news (1.7.0) | mod_feed (1.7.0) | mod_stats (1.7.0) | mod_articles_category (1.7.0) | mod_random_image (1.7.0) | mod_syndicate (1.7.0) | mod_login (1.7.0) | mod_weblinks (1.7.0) | mod_banners (1.7.0) | swMenuPro (8.5) | mod_whosonline (1.7.0) | mod_custom (1.7.0) | JT Quick Contact Form (1.0) | mod_articles_popular (1.7.0) |
Modules :: ADMIN :: mod_submenu (1.7.0) | mod_menu (1.7.0) | mod_multilangstatus (1.7.1) | mod_title (1.7.0) | mod_logged (1.7.0) | mod_toolbar (1.7.0) | mod_quickicon (1.7.0) | mod_status (1.7.0) | mod_feed (1.7.0) | mod_login (1.7.0) | mod_popular (1.7.0) | mod_latest (1.7.0) | mod_custom (1.7.0) |
Plugins :: SITE :: Editor - JCE (2.0.20) | plg_editors_codemirror (1.0) | plg_editors_tinymce (3.4.4) | plg_editors-xtd_pagebreak (1.7.0) | plg_editors-xtd_article (1.7.0) | plg_editors-xtd_image (1.7.0) | plg_editors-xtd_readmore (1.7.0) | plg_editors-xtd_twojtoolboxbut (1.0.0) | plg_extension_joomla (1.7.0) | plg_authentication_gmail (1.7.0) | plg_authentication_ldap (1.7.0) | plg_authentication_joomla (1.7.0) | plg_content_emailcloak (1.7.0) | plg_content_pagebreak (1.7.0) | plg_content_loadmodule (1.7.0) | plg_content_vote (1.7.0) | plg_content_pagenavigation (1.7.0) | plg_content_joomla (1.7.0) | plg_content_geshi (1.7.0) | plg_search_contacts (1.7.0) | plg_search_weblinks (1.7.0) | plg_search_categories (1.7.0) | plg_search_content (1.7.0) | plg_search_newsfeeds (1.7.0) | PLG_WEBFONTS (2.0.2) | plg_system_debug (1.7.0) | plg_system_sef (1.7.0) | plg_system_logout (1.7.0) | plg_system_p3p (1.7.0) | plg_system_log (1.7.0) | plg_system_redirect (1.7.0) | plg_system_remember (1.7.0) | plg_system_languagefilter (1.7.0) | Instant Suggest (2.0.1) | plg_system_cache (1.7.0) | plg_system_twojtoolbox (1.6.0) | plg_user_profile (1.7.0) | plg_user_contactcreator (1.7.0) | plg_user_joomla (1.7.0) |Templates Discovered :: wrote:Templates :: SITE :: beez5 (1.7.0) | beez5 (1.7.0) | beez5 (1.7.0) | beez5 (1.7.0) |
Templates :: ADMIN :: hathor (1.7.0) | bluestork (1.7.0) |