Website showing junk content

technomatters · Post by **technomatters** » Sat Jan 17, 2015 12:59 am

Hi All,

one of our site is showing junk content like "[* spam *] 50mg soft tab generic" in google search results.

Here i have attached screenshot, please verify.

I dont understand from where this text comes? I tried finding in website but no luck, i dont find this content.

Can some one suggest me how to get rid off this message please

Kindly help in this regd.

Regards
Praveen

Post by **toivo** » Sat Jan 17, 2015 1:20 am

Your site must have been hacked. This post should be in the Security forum and a moderator is likely to move it there: http://forum.joomla.org/viewforum.php?f=432

Please read the sticky notes at the top of the forum and download the Forum Post Assistant (FPA) from http://forum.joomla.org/viewtopic.php?f=714&t=793531

Post the output from the FPA to this thread and someone may be able to identify insecure settings or vulnerable extensions in your site. Joomla 1.5 has been out of date and out of support for some time.

technomatters · Post by **technomatters** » Sat Jan 17, 2015 2:42 am

Thanks for your support and response.

Do i need to put mt FPA url here or a screenshot is required?

Kindly let me know so that i can do the needful

Regards
Praveen

Post by **toivo** » Sat Jan 17, 2015 9:30 am

Cheers. The detailed instructions how to post to the forum can be found here:
http://forum.joomla.org/viewtopic.php?f=621&p=2371873

technomatters · Post by **technomatters** » Mon Jan 19, 2015 7:57 pm

I have updated this thread as Mr.Toivo said. Thanks in advance.

Kindly help me out. And also when i tried to login to the admin, it is not allowing me to login. It is showing "E_NOLOGIN_ACCESS" error. I tried in this forum for solution, but didnt work for me. Can someone help please
======================================

Problem Description :: Forum Post Assistant (v1.2.4) : 19th January 2015 wrote:Website content showing junk data in google search

Last PHP Error(s) Reported :: Forum Post Assistant (v1.2.4) : 19th January 2015 wrote:[04-Jan-2015 02:49:50 America/Chicago] PHP Warning: Invalid argument supplied for foreach() in /home/caprusit/public_html/modules/mod_newsflashscroller_proII/mod_newsflashscroller_proII.php on line 316

Forum Post Assistant (v1.2.4) : 19th January 2015 wrote:
Basic Environment :: wrote:Joomla! Instance :: Joomla! 1.5.3-Production/Stable (Vahi) 22-April-2008
Joomla! Configured :: Yes | Read-Only (444) | Owner: 635 (uid: /gid: ) | Group: 635 (gid: ) | Valid For: 1.5
Configuration Options :: Offline: 0 | SEF: 1 | SEF Suffix: 1 | SEF ReWrite: 1 | .htaccess/web.config: Yes | GZip: 0 | Cache: 0 | FTP Layer: 0 | SSL: N/A | Error Reporting: -1 | Site Debug: 0 | Language Debug: 0 | Database Credentials Present: Yes

Host Configuration :: OS: Linux | OS Version: 2.6.18-348.1.1.el5PAE | Technology: i686 | Web Server: Apache | Encoding: gzip, deflate | Doc Root: /home/caprusit/public_html | System TMP Writable: Yes

PHP Configuration :: Version: 5.3.28 | PHP API: cgi-fcgi | Session Path Writable: Yes | Display Errors: 1 | Error Reporting: 22519 | Log Errors To: error_log | Last Known Error: 04th January 2015 02:49:50. | Register Globals: | Magic Quotes: 1 | Safe Mode: | Open Base: /home:/tmp:/usr | Uploads: 1 | Max. Upload Size: 100M | Max. POST Size: 64M | Max. Input Time: 60 | Max. Execution Time: 30 | Memory Limit: 128M

MySQL Configuration :: Version: 5.5.35-33.0 (Client:5.5.35) | Host: --protected-- (--protected--) | Collation: utf8_general_ci (Character Set: utf8) | Database Size: 242.04 KiB | #of Tables: 41
Detailed Environment :: wrote:PHP Extensions :: Core (5.3.28) | date (5.3.28) | ereg () | libxml () | openssl () | pcre () | sqlite3 (0.7-dev) | zlib (1.1) | bcmath () | bz2 () | calendar () | ctype () | curl () | dom (20031129) | hash (1.0) | fileinfo (1.0.5-dev) | filter (0.11.0) | ftp () | gd () | gettext () | SPL (0.2) | iconv () | session () | json (1.2.1) | mbstring () | mcrypt () | mysql (1.0) | mysqli (0.1) | pgsql () | standard (5.3.28) | Phar (2.0.1) | posix () | pspell () | Reflection ($Id: 4af6c4c676864b1c0bfa693845af0688645c37cf $) | imap () | SimpleXML (0.1) | soap () | sockets () | exif (1.4 $Id$) | tidy (2.0) | tokenizer (0.1) | wddx () | xml () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.11.0) | cgi-fcgi () | PDO (1.0.4dev) | pdo_sqlite (1.0.1) | SQLite (2.0-dev) | pdo_mysql (1.0.2) | imagick (3.1.2) | ionCube Loader () | Zend Guard Loader () | Zend Engine (2.3.0) |
Potential Missing Extensions :: suhosin |

Switch User Environment (Experimental) :: PHP CGI: Yes | Server SU: Yes | PHP SU: Yes | Custom SU (LiteSpeed/Cloud/Grid): No
Potential Ownership Issues: Maybe
Folder Permissions :: wrote:Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |

Elevated Permissions (First 10) ::
Extensions Discovered :: wrote:Components :: SITE :: MailTo (1.5.0) | Wrapper (1.5.0) | User (1.5.0) |
Components :: ADMIN :: Mass Mail (1.5.0) | Template Manager (1.5.0) | Media Manager (1.5.0) | Messaging (1.5.0) | Module Manager (1.5.0) | Language Manager (1.5.0) | Banners (1.5.0) | Configuration Manager (1.5.0) | Search (1.5.0) | Polls (1.5.0) | Plugin Manager (1.5.0) | Content Page (1.5.0) | Cache Manager (1.5.0) | Installation Manager (1.5.0) | Contact Items (1.0.0) | Trash (1.0.0) | Menus Manager (1.5.0) | Control Panel (1.5.0) | MorfeoShow (1.2.0) | Weblinks (1.5.0) | Frontpage (1.5.0) | Newsfeeds (1.5.0) | User Manager (1.5.0) |

Modules :: SITE :: Sections (1.5.0) | Search (1.0.0) | Footer (1.5.0) | Most Read Content (1.5.0) | Latest News (1.5.0) | Banner (1.5.0) | Who\'s Online (1.0.0) | mod_jaslideshow (1.5.0) | Menu (1.5.0) | Archived Content (1.5.0) | Statistics (1.5.0) | Custom HTML (1.5.0) | Feed Display (1.5.0) | Poll (1.5.0) | Wrapper (1.0.0) | Syndicate (1.5.0) | Newsflash Pro II (2.5) | Related Items (1.0.0) | Random Image (1.5.0) | Newsflash (1.5.0) | Breadcrumbs (1.5.0) | Login (1.5.0) |
Modules :: ADMIN :: Footer (1.0.0) | Online Users (1.0.0) | Unread Items (1.0.0) | Admin Submenu (1.0.0) | Latest News (1.0.0) | Admin Menu (1.0.0) | Toolbar (1.0.0) | Items Stats (1.0.0) | Custom HTML (1.5.0) | Feed Display (1.5.0) | User Status (1.5.0) | Title (1.0.0) | Popular Items (1.0.0) | Quick Icons (1.0.0) | Login Form (1.0.0) | Logged in Users (1.0.0) |

Plugins :: SITE :: System - Legacy (1.5) | System - Cache (1.5) | System - Remember Me (1.5) | System - SEF (1.5) | System - Log (1.5) | System - Backlinks (1.5) | System - Debug (1.5) | Authentication - LDAP (1.5) | Authentication - Example (1.5) | Authentication - GMail (1.5) | Authentication - Joomla (1.5) | Authentication - OpenID (1.5) | XML-RPC - Blogger API (1.0) | XML-RPC - Joomla API (1.0) | User - Example (1.0) | User - Joomla! (1.5) | Search - Categories (1.5) | Search - Sections (1.5) | Search - Newsfeeds (1.5) | Search - Content (1.5) | Search - Weblinks (1.5) | Search - Contacts (1.5) | Editor - XStandard Lite for Jo (1.0) | Editor - TinyMCE 2.1 (2.1.2) | Content - Pagebreak (1.5) | Content - Email Cloaking (1.5) | Content - Load Modules (1.5) | Content - Vote (1.5) | Content - Page Navigation (1.5) | Content - Code Highlighter (Ge (1.5) | Content - Example (1.0) | Button - Pagebreak (1.5) | Button - Readmore (1.5) | Button - Image (1.0.0) |
Templates Discovered :: wrote:Templates :: SITE :: sgdnetworks (1.1) |
Templates :: ADMIN :: Khepri (1.0) |

Post by **mandville** » Mon Jan 19, 2015 9:22 pm

your site is very very very out of date follow this http://forum.joomla.org/viewtopic.php?f=432&t=475313
and checklist 7

Post by **toivo** » Mon Jan 19, 2015 10:14 pm

Joomla 1.5.3 is old, insecure and has not been supported for a long time. At least the following extensions installed at your site are vulnerable with known exploits:
- MorpheoShow component
- XStandard Lite editor plugin

You can find from the sticky notes at the top of the forum some instructions what to do.

technomatters · Post by **technomatters** » Tue Jan 20, 2015 4:31 am

Hi

Thanks for your support. But what i am asking is, how to resolve the issue, like i requested to help for "E_NOLOGIN_ACCESS" error. Once we got access to back-end admin, at least we can resolve the issue by uninstalling the components and modules and we will ask the client to migrate to latest versions.

Kindly help me at least to login to the administrator.

Post by **toivo** » Tue Jan 20, 2015 6:55 am

If you have not done this already, you could try to reset the administrator password but there is no guarantee that this will work after your site was compromised:
https://docs.joomla.org/J1.5:How_do_you ... assword%3F

dpacadmin · Post by **dpacadmin** » Tue Jan 20, 2015 9:09 pm

This could also be a problem with your server's php version, 5.3.28. You need Joomla 1.5.15 or higher for it to be compatible with php 5.3 . That could be causing your login issue, see if your host can set your php to 5.2 temporarily and test or update to the latest Joomla 1.5 version, 1.5.26 with the flash patch.

technomatters · Post by **technomatters** » Wed Jan 21, 2015 4:20 am

Hi All

Thanks for your support. Mr.toivo given me a solution for the admin login in the above response and Its WORKED.

thanks to Mr.toivo

I only concern about the junk content now, i dont see the content there in website but when i google it like "caprus it", it is showing the [* spam *] text.

Please check once and help me.

Regards
Praveen

The Joomla! Forum™

Website showing junk content

Website showing junk content

Re: Website showing junk content

Re: Website showing junk content

Re: Website showing junk content

Re: Website showing junk content

Re: Website showing junk content

Re: Website showing junk content

Re: Website showing junk content

Re: Website showing junk content

Re: Website showing junk content

Re: Website showing junk content