If I am suspicious of some files in my installation, can I install the component again, will it overwrite all the existing files and replace them with good copies of the component? From my perspective, this represents a substantial time saving on investigating each file if I just reinstall the component for any suspicious files, and/or plugins/modules/joomla.
Then all I would be left with are files that are not part of the usual installation to investigate, and I can be more sure that they are potentially dodgy, so I can rename them and investigate.
Would this methodology work, or should I do this process via FTP?
Installing a component over the top
Moderators: mandville, General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
- uaintgotthisid
- Joomla! Explorer
- Posts: 367
- Joined: Wed Sep 10, 2008 6:05 pm
- Location: Essex, England, United Kingdom
- Contact:
Installing a component over the top
Joomla lover, web designer, marketeer
https://www.squareballoon.co.uk
JOIN US at Joomla! User Group London
https://www.joomlalondon.co.uk
https://www.squareballoon.co.uk
JOIN US at Joomla! User Group London
https://www.joomlalondon.co.uk
- Per Yngve Berg
- Joomla! Master
- Posts: 30934
- Joined: Mon Oct 27, 2008 9:27 pm
- Location: Romerike, Norway
Re: Installing a component over the top
Mod. Note: Relcated the topic to the Security J3.x Forum.
See the stickies in this forum on how to deal with a hacked site.
See the stickies in this forum on how to deal with a hacked site.
- uaintgotthisid
- Joomla! Explorer
- Posts: 367
- Joined: Wed Sep 10, 2008 6:05 pm
- Location: Essex, England, United Kingdom
- Contact:
Re: Installing a component over the top
Thanks, I'm not 100% sure it is a hacked site, but the recommendation is to create a whole new Joomla! site and reinstall all extensions then reconnect the database which would achieve the same thing and ensure no erroneous files. That would work for me.
I'd still be interested in the answer to my question. If I only get security warnings about certain extensions then it would be far quicker to install over the top of those files. Particularly, if they are core files for the extension.
I'd still be interested in the answer to my question. If I only get security warnings about certain extensions then it would be far quicker to install over the top of those files. Particularly, if they are core files for the extension.
Joomla lover, web designer, marketeer
https://www.squareballoon.co.uk
JOIN US at Joomla! User Group London
https://www.joomlalondon.co.uk
https://www.squareballoon.co.uk
JOIN US at Joomla! User Group London
https://www.joomlalondon.co.uk
- leolam
- Joomla! Master
- Posts: 20652
- Joined: Mon Aug 29, 2005 10:17 am
- Location: Netherlands/ Germany/ S'pore/Bogor/ North America
- Contact:
Re: Installing a component over the top
The recommendation is listed here http://forum.joomla.org/viewtopic.php?f=714&t=757645 and that is the only way of doing this properly. No other way will cleans a site properly
Leo
Leo
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: Installing a component over the top
what " security warnings" are you getting
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
- uaintgotthisid
- Joomla! Explorer
- Posts: 367
- Joined: Wed Sep 10, 2008 6:05 pm
- Location: Essex, England, United Kingdom
- Contact:
Re: Installing a component over the top
From Admin Tools file scanner.
For example
File path Threat score
libraries/joomla/google/embed/analytics.php 10
I can't see anything wrong with the file, I think it's a false positive, but I'm not a dev so I am curious as to how to analyse something like that. Clearly reading the comments in the file is not a sensible approach
Replacing the file is very easy to do rather than installing a new Joomla! replacing one file resolves it for me right? There are a few other files that have warnings but, on the whole, I still think I would find this process easier than redoing Joomla! although I understand the clear benefits of doing things the other way as I am only removing flagged files and some may not have been identified.
The main point is there is no threat identified for sure and no client paying at present. It's a labour of love at the moment and me attempting to understand better the threat and how to identify issues.
For example
File path Threat score
libraries/joomla/google/embed/analytics.php 10
I can't see anything wrong with the file, I think it's a false positive, but I'm not a dev so I am curious as to how to analyse something like that. Clearly reading the comments in the file is not a sensible approach
Replacing the file is very easy to do rather than installing a new Joomla! replacing one file resolves it for me right? There are a few other files that have warnings but, on the whole, I still think I would find this process easier than redoing Joomla! although I understand the clear benefits of doing things the other way as I am only removing flagged files and some may not have been identified.
The main point is there is no threat identified for sure and no client paying at present. It's a labour of love at the moment and me attempting to understand better the threat and how to identify issues.
Joomla lover, web designer, marketeer
https://www.squareballoon.co.uk
JOIN US at Joomla! User Group London
https://www.joomlalondon.co.uk
https://www.squareballoon.co.uk
JOIN US at Joomla! User Group London
https://www.joomlalondon.co.uk