Code: Select all
Linux+"some-code"[[]]
Does anyone know what is causing this and how I can resolve the issue?
Moderators: mandville, General Support Moderators
Code: Select all
Linux+"some-code"[[]]
Forum Post Assistant (v1.2.7) : 5th May 2016 wrote:Basic Environment :: wrote:Joomla! Instance :: Joomla! 3.5.1-Stable (Unicorn) 05-April-2016
Joomla! Platform :: Joomla Platform 13.1.0-Stable (Curiosity) 24-Apr-2013
Joomla! Configured :: Yes | Read-Only (444) | Owner: gedazzle (uid: 1/gid: 1) | Group: gedazzle (gid: 1) | Valid For: 3.5
Configuration Options :: Offline: 0 | SEF: 1 | SEF Suffix: 0 | SEF ReWrite: 1 | .htaccess/web.config: Yes | GZip: 1 | Cache: 1 | FTP Layer: 0 | SSL: 0 | Error Reporting: none | Site Debug: 0 | Language Debug: 0 | Default Access: 1 | Unicode Slugs: 0 | Database Credentials Present: Yes
Host Configuration :: OS: Linux | OS Version: 2.6.32-573.22.1.el6.x86_64 | Technology: x86_64 | Web Server: Apache | Encoding: gzip, deflate | Doc Root: /home/gedazzle/public_html | System TMP Writable: Yes
PHP Configuration :: Version: 5.5.33 | PHP API: cgi-fcgi | Session Path Writable: Yes | Display Errors: 1 | Error Reporting: 24567 | Log Errors To: error_log | Last Known Error: | Register Globals: | Magic Quotes: | Safe Mode: | Open Base: | Uploads: 1 | Max. Upload Size: 64M | Max. POST Size: 8M | Max. Input Time: 60 | Max. Execution Time: 30 | Memory Limit: 256M
MySQL Configuration :: Version: 5.6.29 (Client:mysqlnd 5.0.11-dev - 20120503 - $Id: 15d5c781cfcad91193dceae1d2cdd127674ddb3e $) | Host: --protected-- (--protected--) | Collation: utf8_general_ci (Character Set: utf8) | Database Size: 7.60 MiB | #of Tables: 114Detailed Environment :: wrote:PHP Extensions :: Core (5.5.33) | date (5.5.33) | ereg () | libxml () | openssl () | pcre () | sqlite3 (0.7-dev) | zlib (2.0) | bcmath () | bz2 () | calendar () | ctype () | curl () | dom (20031129) | hash (1.0) | filter (0.11.0) | ftp () | gd () | gettext () | SPL (0.2) | iconv () | session () | intl (1.1.0) | json (1.2.1) | mbstring () | mcrypt () | standard (5.5.33) | mysqlnd (mysqlnd 5.0.11-dev - 20120503 - $Id: 15d5c781cfcad91193dceae1d2cdd127674ddb3e $) | mysqli (0.1) | mysql (1.0) | Phar (2.0.2) | posix () | pspell () | Reflection ($Id: dc76d2fe0f3e9c327c1d4ca617d94e26c7fae98d $) | imap () | SimpleXML (0.1) | soap () | sockets () | exif (1.4 $Id: ff29fdd0fa0b922fd32e2f5704857dcc8543f628 $) | tidy (2.0) | tokenizer (0.1) | xml () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.11.0) | cgi-fcgi () | suhosin (0.9.36) | PDO (1.0.4dev) | pdo_sqlite (1.0.1) | pdo_mysql (1.0.2) | SourceGuardian (10.1) | ionCube Loader () | Zend Guard Loader () | Zend Engine (2.5.0) |
Potential Missing Extensions ::
Switch User Environment (Experimental) :: PHP CGI: Yes | Server SU: No | PHP SU: Yes | Custom SU (LiteSpeed/Cloud/Grid): Yes
Potential Ownership Issues: NoFolder Permissions :: wrote:Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |
Elevated Permissions (First 10) ::Extensions Discovered :: wrote:Components :: SITE :: com_mailto (3.0.0) | com_wrapper (3.0.0) | WF_FORMATSELECT_TITLE (2.5.16) | WF_NONBREAKING_TITLE (2.5.16) | WF_LAYER_TITLE (2.5.16) | WF_FILEMANAGER_TITLE (2.1. | WF_SPELLCHECKER_TITLE (2.5.16) | WF_XHTMLXTRAS_TITLE (2.5.16) | WF_CLIPBOARD_TITLE (2.5.16) | WF_INLINEPOPUPS_TITLE (2.5.16) | WF_ARTICLE_TITLE (2.5.16) | WF_FONTSIZESELECT_TITLE (2.5.16) | WF_CONTEXTMENU_TITLE (2.5.16) | WF_BROWSER_TITLE (2.5.16) | WF_TEXTCASE_TITLE (2.5.16) | WF_LISTS_TITLE (2.5.16) | WF_FONTCOLOR_TITLE (2.5.16) | WF_LINK_TITLE (2.5.16) | WF_KITCHENSINK_TITLE (2.5.16) | WF_PREVIEW_TITLE (2.5.16) | WF_HR_TITLE (2.5.16) | WF_VISUALCHARS_TITLE (2.5.16) | WF_FONTSELECT_TITLE (2.5.16) | WF_PRINT_TITLE (2.5.16) | WF_MEDIA_TITLE (2.5.16) | WF_AUTOSAVE_TITLE (2.5.16) | WF_IFRAME_TITLE (2.1.1) | WF_ANCHOR_TITLE (2.5.16) | WF_CLEANUP_TITLE (2.5.16) | WF_IMGMANAGER_EXT_TITLE (2.0.30) | WF_STYLE_TITLE (2.5.16) | WF_SOURCE_TITLE (2.5.16) | WF_SEARCHREPLACE_TITLE (2.5.16) | WF_TABLE_TITLE (2.5.16) | WF_IMGMANAGER_TITLE (2.5.16) | WF_VISUALBLOCKS_TITLE (2.5.16) | WF_CAPTION_TITLE (2.1.11) | WF_CHARMAP_TITLE (2.5.16) | WF_STYLESELECT_TITLE (2.5.16) | WF_MEDIAMANAGER_TITLE (2.0.15) | WF_DIRECTIONALITY_TITLE (2.5.16) | WF_FULLSCREEN_TITLE (2.5.16) | WF_MICRODATA_TITLE (1.0.10) | WF_AGGREGATOR_VIMEO_TITLE (2.5.16) | WF_AGGREGATOR_DAILYMOTION_TITL (2.5.16) | WF_AGGREGATOR_VINE_TITLE (2.5.16) | WF_AGGREGATOR_[youtube]_TITLE (2.5.16) | K2 Links for JCE Link (2.2) | WF_LINKS_JOOMLALINKS_TITLE (2.5.16) | WF_MEDIAPLAYER_JCEPLAYER_TITLE (2.5.16) | WF_LINK_SEARCH_TITLE (2.5.16) | WF_POPUPS_JCEMEDIABOX_TITLE (2.5.16) | WF_POPUPS_WINDOW_TITLE (2.5.16) | WF_POPUPS_ROKBOX_TITLE (2.1.2) | WF_FILESYSTEM_JOOMLA_TITLE (2.5.16) |
Components :: ADMIN :: com_login (3.0.0) | com_joomlaupdate (3.0.0) | com_messages (3.0.0) | Gantry (4.1.31) | com_newsfeeds (3.0.0) | com_templates (3.0.0) | com_config (3.0.0) | COM_SIGPRO (3.1.0) | com_search (3.0.0) | com_banners (3.0.0) | com_postinstall (3.2.0) | com_finder (3.0.0) | com_ajax (3.2.0) | com_weblinks (3.5.0) | com_cpanel (3.0.0) | com_menus (3.0.0) | com_tags (3.1.0) | com_redirect (3.0.0) | Akeeba (4.6.1) | com_checkin (3.0.0) | com_categories (3.0.0) | com_plugins (3.0.0) | com_contenthistory (3.2.0) | com_xmap (2.3.4) | com_languages (3.0.0) | com_content (3.0.0) | COM_ACLMANAGER (2.4.6) | com_admin (3.0.0) | com_users (3.0.0) | com_installer (3.0.0) | com_modules (3.0.0) | RokSprocket (2.1.12) | com_regularlabsmanager (6.0.1) | Unknown (-) | com_cache (3.0.0) | com_media (3.0.0) | Unknown (-) | JCE (2.5.16) |
Modules :: SITE :: RokSprocket Module (2.1.12) | mod_languages (3.0.0) | mod_feed (3.0.0) | mod_random_image (3.0.0) | mod_finder (3.0.0) | mod_wrapper (3.0.0) | mod_articles_category (3.0.0) | mod_articles_archive (3.0.0) | mod_tags_similar (3.1.0) | mod_articles_categories (3.0.0) | mod_custom (3.0.0) | mod_articles_news (3.0.0) | mod_articles_latest (3.0.0) | RokNavMenu (2.0. | mod_footer (3.0.0) | mod_search (3.0.0) | mod_breadcrumbs (3.0.0) | mod_stats (3.0.0) | mod_related_items (3.0.0) | mod_tags_popular (3.1.0) | mod_banners (3.0.0) | mod_syndicate (3.0.0) | mod_articles_popular (3.0.0) | Tabs & Sliders (by JoomlaW (2.0) | mod_menu (3.0.0) | mod_weblinks (3.5.0) | mod_whosonline (3.0.0) | mod_users_latest (3.0.0) | mod_login (3.0.0) |
Modules :: ADMIN :: mod_cachecleaner (5.0.0PRO) | mod_feed (3.0.0) | mod_status (3.0.0) | mod_quickicon (3.0.0) | mod_title (3.0.0) | mod_submenu (3.0.0) | mod_custom (3.0.0) | mod_toolbar (3.0.0) | mod_logged (3.0.0) | mod_latest (3.0.0) | mod_menu (3.0.0) | mod_popular (3.0.0) | mod_stats_admin (3.0.0) | mod_multilangstatus (3.0.0) | mod_version (3.0.0) | mod_login (3.0.0) |
Plugins :: SITE :: plg_quickicon_akeebabackup (1.0) | plg_quickicon_jcefilebrowser (2.5.16) | plg_quickicon_extensionupdate (3.0.0) | plg_quickicon_joomlaupdate (3.0.0) | Xmap - SobiPro Plugin (2.0.2) | Xmap - Virtuemart Plugin (2.0.3) | Xmap - WebLinks Plugin (2.0.1) | Xmap - Content Plugin (2.0.4) | XMAP_PLUGIN_K2 (1.3) | Xmap - Mosets Tree Plugin (2.0.2) | Xmap - Kunena Plugin (3.0.0) | plg_search_weblinks (3.5.0) | plg_search_contacts (3.0.0) | plg_search_tags (3.0.0) | plg_search_content (3.0.0) | plg_search_newsfeeds (3.0.0) | plg_search_categories (3.0.0) | plg_content_emailcloak (3.0.0) | Content - RokInjectModule (1.7) | Simple Picture Slideshow (1.5. | plg_content_loadmodule (3.0.0) | plg_content_geshi (2.5.0) | AllVideos (by JoomlaWorks) (4.7.0) | AllVideos (by JoomlaWorks) (4.7.0) | plg_content_vote (3.0.0) | PLG_CONTENT_ADMIRORCOLUMNIZER (3.5) | plg_content_pagenavigation (3.0.0) | Content - Simple Image Gallery (3.1.0) | plg_content_pagebreak (3.0.0) | plg_content_joomla (3.0.0) | Tabs & Sliders [for articl (3.0.0) | plg_content_finder (3.0.0) | K2 - Simple Image Gallery Pro (3.1.0) | plg_editors_tinymce (4.3.3) | plg_editors_jce (2.5.16) | plg_editors_codemirror (5.12) | plg_captcha_recaptcha (3.4.0) | plg_editors-xtd_article (3.0.0) | plg_editors-xtd_readmore (3.0.0) | Button - Simple Image Gallery (3.1.0) | plg_editors-xtd_pagebreak (3.0.0) | plg_editors-xtd_image (3.0.0) | plg_editors-xtd_module (3.5.0) | plg_twofactorauth_totp (3.2.0) | plg_twofactorauth_yubikey (3.2.0) | plg_user_contactcreator (3.0.0) | plg_user_joomla (3.0.0) | plg_user_profile (3.0.0) | plg_finder_weblinks (3.5.0) | plg_finder_contacts (3.0.0) | plg_finder_tags (3.0.0) | plg_finder_content (3.0.0) | plg_finder_newsfeeds (3.0.0) | plg_finder_categories (3.0.0) | PLG_JMONITORING_AKEEBABACKUP_T (1.0) | plg_extension_joomla (3.0.0) | plg_system_languagecode (3.0.0) | PLG_SYSTEM_BACKUPONUPDATE_TITL (3.7) | plg_system_sef (3.0.0) | System - One Click Action (2.1) | PLG_SYSTEM_AKEEBAUPDATECHECK_T (1.1) | plg_system_highlight (3.0.0) | System - Gantry (4.1.31) | plg_system_jce (2.5.16) | plg_system_updatenotification (3.5.0) | plg_system_stats (3.5.0) | System - ACL Manager (2.4.6) | plg_system_p3p (3.0.0) | PLG_SYS_ADMINEXILE (2.3.6) | System - RokCommon (3.2.4) | plg_system_log (3.0.0) | plg_system_regularlabs (16.4.18881) | plg_system_nnframework (16.3.25323) | plg_system_xcalendar (1.5.0) | plg_system_cache (3.0.0) | System - JCE MediaBox (1.2.2) | plg_system_remember (3.0.0) | plg_system_redirect (3.0.0) | plg_system_debug (3.0.0) | plg_system_cachecleaner (5.0.0PRO) | PLG_SYSTEM_AKGEOIP (1.0.6) | System - RokSprocket (2.1.12) | System - RokExtender (2.0.0) | plg_system_logout (3.0.0) | plg_system_languagefilter (3.0.0) | plg_authentication_gmail (3.0.0) | plg_authentication_cookie (3.0.0) | plg_authentication_joomla (3.0.0) | plg_authentication_ldap (3.0.0) |Templates Discovered :: wrote:Templates :: SITE :: gantry (4.1.29) | beez_20 (2.5.0) | protostar (1.0) | beez5 (2.5.0) | beez3 (3.1.0) | atomic (2.5.0) |
Templates :: ADMIN :: bluestork (2.5.0) | isis (1.0) | hathor (3.0.0) |
LukeDouglas wrote:Also, I did a scan and found that each template 'index.php' did have nefarious code script inserted which I removed.
No ... when asked what steps you took your answer indicated that you had missed out some steps.Hmmm...I indicated that I had done all of the steps except created a new site
But in your OP you asked "Does anyone know what is causing this and how I can resolve the issue?" which 'indicated' that (with all your experience) you still don't know how to fix it. After being directed to the post that gives instructions that will help solve your issue ... you only followed some of the steps. The step you missed out was (arguably) the most important one of deleting the files.I worked during the creation of the computer industry so I'm no novice in knowing how to keep my computer clean
If there is then that will not be the source ... it will be something added with the use of the hack files that are still on the server.itoctopus wrote:...
There might be an .htaccess file in a higher directory causing this problem (for example, if the website resides in a subdirectory, then there might be an .htaccess file with hacked content)....
You may have had a hacked ".htaccess in the upper folder" but the hack files used to put it there are still on your server. You run a 2009 version of wordpress on a 2009 version of php and get hacked frequentlyitoctopus wrote:...
We had a case a couple of weeks ago where the cause of the hack was an .htaccess in the upper folder. Check that and post back here if possible.
I just posted facts. Everything in my previous posts are facts and are on topicitoctopus wrote:... Would you please stop defaming our website? Your post and your behavior are reported.
We have the right of helping others and offering suggestions, if you don't like our suggestions/solutions, then you can bring it up in a civilized way - but please stop falsely defaming our website on completely unrelated posts. ....