Error 404 - Page Not Found

Discussion regarding Joomla! 2.5 security issues.

Moderators: mandville, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Locked
mtruffa
Joomla! Apprentice
Joomla! Apprentice
Posts: 8
Joined: Wed Oct 01, 2014 4:44 pm

Error 404 - Page Not Found

Post by mtruffa » Fri Oct 24, 2014 5:06 pm

Both my main index.php and the administrator index.php throw a 404- page not found. The site was compromised and I think I got it all out. I even re-installed but I still get the error. I have the site in a subfolder /joomla and i have the .htaccess file redirecting to the folder. I am lost and can not get this to work.
Last edited by imanickam on Sat Oct 25, 2014 3:32 am, edited 2 times in total.
Reason: Due to the nature of the site (having hacked), moved the topic from the forum General Questions/New to Joomla! 2.5 to the forum Security in Joomla! 2.5. Also, changed the Subject that was in ALL UPPERCASE to Mixed Case.

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 44022
Joined: Sat Apr 05, 2008 9:58 pm

Re: ERROR 404 - PAGE NOT FOUND

Post by Webdongle » Fri Oct 24, 2014 5:13 pm

mtruffa wrote:...The site was compromised and I think I got it all out. I even re-installed but I still get the error. ...
We all know what 'Thought done'. Reinstalling is not enough ... please read and action http://forum.joomla.org/viewtopic.php?f=621&t=582854
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".

mtruffa
Joomla! Apprentice
Joomla! Apprentice
Posts: 8
Joined: Wed Oct 01, 2014 4:44 pm

Re: ERROR 404 - PAGE NOT FOUND

Post by mtruffa » Fri Oct 24, 2014 6:01 pm

I ran through the post and have completed the FPA
Problem Description :: Forum Post Assistant (v1.2.4) : 24th October 2014 wrote:Been Hacked
Log/Error Message :: Forum Post Assistant (v1.2.4) : 24th October 2014 wrote:404 page not found
Actions Taken To Resolve by Forum Post Assistant (v1.2.4) 24th October 2014 wrote:Deleted and reinstalled joomla
Forum Post Assistant (v1.2.4) : 24th October 2014 wrote:
Basic Environment :: wrote:Joomla! Instance :: Joomla! 2.5.7-Stable (Ember) 13-September-2012
Joomla! Platform :: Joomla Platform 11.4.0-Stable (Brian Kernighan) 03-Jan-2012
Joomla! Configured :: Yes | Writable (755) | Owner: hcfpaorg (uid: 1/gid: 1) | Group: hcfpaorg (gid: 1) | Valid For: 2.5
Configuration Options :: Offline: 0 | SEF: 1 | SEF Suffix: 0 | SEF ReWrite: 0 | .htaccess/web.config: Yes | GZip: 0 | Cache: 0 | FTP Layer: 0 | SSL: 0 | Error Reporting: default | Site Debug: 0 | Language Debug: 0 | Default Access: 1 | Unicode Slugs: 0 | Database Credentials Present: Yes

Host Configuration :: OS: Linux | OS Version: 3.12.24 | Technology: x86_64 | Web Server: Apache | Encoding: gzip,deflate | Doc Root: /home/hcfpaorg/public_html | System TMP Writable: Yes

PHP Configuration :: Version: 5.4.32 | PHP API: cgi-fcgi | Session Path Writable: Yes | Display Errors: 1 | Error Reporting: 22519 | Log Errors To: error_log | Last Known Error: | Register Globals: | Magic Quotes: | Safe Mode: | Open Base: | Uploads: 1 | Max. Upload Size: 64M | Max. POST Size: 64M | Max. Input Time: 60 | Max. Execution Time: 30 | Memory Limit: 256M

MySQL Configuration :: Version: 5.5.40-36.1 (Client:5.5.40-36.1) | Host: --protected-- (--protected--) | Collation: utf8_general_ci (Character Set: utf8) | Database Size: 14.65 MiB | #of Tables:  257
Detailed Environment :: wrote:PHP Extensions :: Core (5.4.32) | date (5.4.32) | ereg () | libxml () | openssl () | pcre () | sqlite3 (0.7) | zlib (2.0) | bcmath () | bz2 () | calendar () | ctype () | curl () | dom (20031129) | hash (1.0) | fileinfo (1.0.5) | filter (0.11.0) | ftp () | gd () | gettext () | gmp () | SPL (0.2) | iconv () | session () | intl (1.1.0) | json (1.2.1) | mbstring () | mcrypt () | mssql () | mysql (1.0) | mysqli (0.1) | odbc (1.0) | standard (5.4.32) | PDO (1.0.4dev) | pdo_mysql (1.0.2) | pdo_sqlite (1.0.1) | Phar (2.0.1) | posix () | pspell () | Reflection ($Id: f6367cdb4e3f392af4a6d441a6641de87c2e50c4 $) | imap () | SimpleXML (0.1) | soap () | sockets () | exif (1.4 $Id: 38907b4d942a8d2419060a688aa3c5e5dedcb118 $) | tidy (2.0) | tokenizer (0.1) | wddx () | xml () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.11.0) | cgi-fcgi () | imagick (3.1.0RC2) | SourceGuardian (9.0.4) | mhash () | ionCube Loader () | Zend Guard Loader () | Zend Engine (2.4.0) |
Potential Missing Extensions :: suhosin |

Switch User Environment (Experimental) :: PHP CGI: Yes | Server SU: Yes | PHP SU: Yes | Custom SU (LiteSpeed/Cloud/Grid): Yes
Potential Ownership Issues: No
Folder Permissions :: wrote:Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |

Elevated Permissions (First 10) ::
Extensions Discovered :: wrote:Components :: SITE :: com_wrapper (2.5.0) | com_mailto (2.5.0) |
Components :: ADMIN :: com_messages (2.5.0) | com_finder (2.5.0) | com_plugins (2.5.0) | com_checkin (2.5.0) | com_templates (2.5.0) | com_admin (2.5.0) | com_config (2.5.0) | com_categories (2.5.0) | com_login (2.5.0) | com_languages (2.5.0) | com_users (2.5.0) | K2 (2.5.7) | mod_k2_comments (-) | mod_k2_comments (-) | com_cache (2.5.0) | com_banners (2.5.0) | RokCandy (1.3) | com_modules (2.5.0) | com_redirect (2.5.0) | com_installer (2.5.0) | Gantry (4.0.5) | com_cpanel (2.5.0) | com_weblinks (2.5.0) | com_menus (2.5.0) | com_search (2.5.0) | com_media (2.5.0) | com_content (2.5.0) | com_joomlaupdate (2.5.0) | com_newsfeeds (2.5.0) |

Modules :: SITE :: mod_stats (2.5.0) | K2 Users (2.5.7) | mod_finder (2.5.0) | mod_users_latest (2.5.0) | mod_articles_category (2.5.0) | mod_random_image (2.5.0) | mod_languages (2.5.0) | mod_wrapper (2.5.0) | mod_articles_categories (2.5.0) | mod_feed (2.5.0) | mod_custom (2.5.0) | mod_weblinks (2.5.0) | K2 Login (2.5.7) | mod_articles_latest (2.5.0) | mod_menu (2.5.0) | mod_breadcrumbs (2.5.0) | K2 Tools (2.5.7) | mod_articles_news (2.5.0) | mod_articles_popular (2.5.0) | MOD_JGMAP (0.16.35) | mod_banners (2.5.0) | K2 User (2.5.7) | K2 FlexSlider (2.5.7) | mod_syndicate (2.5.0) | mod_superfish_menu (2.5.0) | K2 Comments (2.5.7) | RokNavMenu (1.12) | mod_articles_archive (2.5.0) | mod_footer (2.5.0) | mod_whosonline (2.5.0) | mod_login (2.5.0) | mod_search (2.5.0) | mod_related_items (2.5.0) | K2 Content (2.5.7) |
Modules :: ADMIN :: mod_version (2.5.0) | K2 Quick Icons (admin) (2.5.7) | mod_toolbar (2.5.0) | mod_feed (2.5.0) | mod_custom (2.5.0) | mod_status (2.5.0) | mod_multilangstatus (2.5.0) | K2 Stats (admin) (2.5.7) | mod_menu (2.5.0) | mod_quickicon (2.5.0) | mod_submenu (2.5.0) | mod_latest (2.5.0) | mod_popular (2.5.0) | mod_title (2.5.0) | mod_logged (2.5.0) | mod_login (2.5.0) |

Plugins :: SITE :: plg_editors_tinymce (3.5.4.1) | plg_editors_codemirror (1.0) | plg_finder_contacts (2.5.0) | plg_finder_newsfeeds (2.5.0) | plg_finder_content (2.5.0) | plg_finder_weblinks (2.5.0) | plg_finder_categories (2.5.0) | plg_finder_k2 (2.5.7) | plg_quickicon_joomlaupdate (2.5.0) | plg_quickicon_extensionupdate (2.5.0) | plg_authentication_gmail (2.5.0) | plg_authentication_ldap (2.5.0) | plg_authentication_joomla (2.5.0) | plg_content_geshi (2.5.0) | plg_content_finder (2.5.0) | Content - RokBox (1.2) | plg_content_vote (2.5.0) | AllVideos (by JoomlaWorks) (4.4) | plg_content_loadmodule (2.5.0) | plg_content_pagenavigation (2.5.0) | plg_content_emailcloak (2.5.0) | plg_content_joomla (2.5.0) | plg_content_pagebreak (2.5.0) | plg_system_highlight (2.5.0) | plg_system_cache (2.5.0) | System - RokBox (1.2) | plg_system_languagecode (2.5.0) | plg_system_debug (2.5.0) | plg_system_redirect (2.5.0) | plg_system_p3p (2.5.0) | plg_system_logout (2.5.0) | System - Gantry (4.0.5) | plg_system_log (2.5.0) | plg_system_sef (2.5.0) | plg_system_remember (2.5.0) | System - RokExtender (1.0) | System - RokCandy (1.3) | System - jQuery Easy (1.2.1) | plg_system_languagefilter (2.5.0) | System - K2 (2.5.7) | plg_search_contacts (2.5.0) | plg_search_newsfeeds (2.5.0) | plg_search_content (2.5.0) | plg_search_weblinks (2.5.0) | plg_search_categories (2.5.0) | Search - K2 (2.5.7) | plg_user_profile (2.5.0) | plg_user_contactcreator (2.5.0) | plg_user_joomla (2.5.0) | User - K2 (2.5.7) | plg_extension_joomla (2.5.0) | plg_captcha_recaptcha (2.5.0) | plg_editors-xtd_image (2.5.0) | plg_editors-xtd_article (2.5.0) | plg_editors-xtd_readmore (2.5.0) | Button - RokCandy (1.3) | plg_editors-xtd_pagebreak (2.5.0) |
Templates Discovered :: wrote:Templates :: SITE :: atomic (2.5.0) | beez_20 (2.5.0) | theme1188 (2.5) | beez5 (2.5.0) |
Templates :: ADMIN :: bluestork (2.5.0) | hathor (2.5.0) |

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 44022
Joined: Sat Apr 05, 2008 9:58 pm

Re: ERROR 404 - PAGE NOT FOUND

Post by Webdongle » Fri Oct 24, 2014 6:22 pm

configuration.php is 755 it should be 444

Where did you get your custom Template from ?
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".

mtruffa
Joomla! Apprentice
Joomla! Apprentice
Posts: 8
Joined: Wed Oct 01, 2014 4:44 pm

Re: Error 404 - Page Not Found

Post by mtruffa » Sat Oct 25, 2014 12:04 pm

I got the templates from template monster

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 44022
Joined: Sat Apr 05, 2008 9:58 pm

Re: Error 404 - Page Not Found

Post by Webdongle » Sat Oct 25, 2014 12:13 pm

I cant find that Template on there. Sometimes hacks can enter the site through a badly written Template.

http://forum.joomla.org/viewtopic.php?f=621&t=582854 explains all the steps to take to clean your site(i.e. delete all files) and how to rebuild. Also it contains links to help you secure your site. configuration.php being 755 is a security issue you need to address.
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 15150
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Error 404 - Page Not Found

Post by mandville » Sat Oct 25, 2014 12:38 pm

your joomla is outr of date and vulnerable. your extensions are out of date (k2...) follow the instructions in webdongle posde
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}


Locked

Return to “Security in Joomla! 2.5”