I've been hacked!
Moderators: mandville, General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
-
- Joomla! Fledgling
- Posts: 4
- Joined: Tue Sep 16, 2014 12:35 am
I've been hacked!
I was working on my site today, and all of a sudden I started to see advertisements in the backend! They are also in the frontend now, and seem to be independant of Joomla. THe site is http://www.daytonagun owners.com and I'm wondering if anyone else has had this happen to them? I need to get this garbage off my site!
Okay, more info.
The advertisements popped up in the frontend and that backend, and were no more than a simple line of ads that worked like some of the news sliders. It was in the left breadcrumb position, I think... firebug wasn't able to ID the position for some reason.
I reloaded the page, and shut everything down then restarted, and it was gone. Or at least it wasn't running on the reload.
Again, anyone else had this happen?
Okay, more info.
The advertisements popped up in the frontend and that backend, and were no more than a simple line of ads that worked like some of the news sliders. It was in the left breadcrumb position, I think... firebug wasn't able to ID the position for some reason.
I reloaded the page, and shut everything down then restarted, and it was gone. Or at least it wasn't running on the reload.
Again, anyone else had this happen?
Last edited by mandville on Tue Oct 14, 2014 11:40 am, edited 1 time in total.
Reason: broke link
Reason: broke link
-
- Joomla! Hero
- Posts: 2954
- Joined: Sun May 04, 2008 12:37 pm
Re: I've been hacked!
cheap hosting... cheap message....
-
- Joomla! Intern
- Posts: 59
- Joined: Tue Oct 07, 2014 6:59 pm
- Contact:
Re: I've been hacked!
I wonder why your site has been hacked.
-
- Joomla! Apprentice
- Posts: 38
- Joined: Mon Oct 06, 2014 11:26 pm
- Contact:
Re: I've been hacked!
Is you using a free hosting account?
-
- Joomla! Enthusiast
- Posts: 155
- Joined: Thu Apr 17, 2014 12:50 am
- Location: Portland Main
- Contact:
Re: I've been hacked!
Why wouldn't you take it offline if you've been hacked?
Restore it then update joomla and get a different hosting provider with better protection.
Restore it then update joomla and get a different hosting provider with better protection.
- cmshelplive
- Joomla! Enthusiast
- Posts: 171
- Joined: Thu Dec 09, 2010 9:52 am
- Location: United States
- Contact:
Re: I've been hacked!
As per the other comments, the fault most probably lies with server security. You should read out the terms from service provider carefully before signing up. A better known hosts should be preferable choice.
CMSHelpLive Joomla Support
https://cmshelplive.com
https://cmshelplive.com
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: I've been hacked!
It doesn't matter why and it can happen on free or expensive.
Follow the steps here http://forum.joomla.org/viewtopic.php?f=714&t=757645
Follow the steps here http://forum.joomla.org/viewtopic.php?f=714&t=757645
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
- sitesrus
- Joomla! Ace
- Posts: 1469
- Joined: Mon Nov 12, 2012 10:48 pm
Re: I've been hacked!
Having advertising on your site isn't the same as being hacked...that's an extreme term that gets used loosely. Just some suggestions below.
If you "ripped" third party software off the internet than expect it to be compromised or have links/ads embedded in it...if it just showed up one day I find it strange that it would just be advertising and not a breach of data or be of compromising nature to the site itself (for example someone gaining access just to advertise seems strange).
But who knows, it sounds like it could be related to an install or a modification to the site. Either way you should keep in mind,
Cloudflare is great and has a free plan (excellent for security)
Maybe make it harder to access the admin backend so people don't try bruteforcing (plugins for that)
Only use reputable software from reputable sources, no pirating
Use updated PHP versions, mod suhosin, and if you're stuck on shared hosting investigate better hosting providers
Keep joomla and extensions up to date with bug fixes, security patches, and etc.
Routinely back up joomla so worst case scenario is reverting file system back to stable safer state and investigate issues
If you "ripped" third party software off the internet than expect it to be compromised or have links/ads embedded in it...if it just showed up one day I find it strange that it would just be advertising and not a breach of data or be of compromising nature to the site itself (for example someone gaining access just to advertise seems strange).
But who knows, it sounds like it could be related to an install or a modification to the site. Either way you should keep in mind,
Cloudflare is great and has a free plan (excellent for security)
Maybe make it harder to access the admin backend so people don't try bruteforcing (plugins for that)
Only use reputable software from reputable sources, no pirating
Use updated PHP versions, mod suhosin, and if you're stuck on shared hosting investigate better hosting providers
Keep joomla and extensions up to date with bug fixes, security patches, and etc.
Routinely back up joomla so worst case scenario is reverting file system back to stable safer state and investigate issues
I like working with Joomla . I offer the following professional services: Custom extension development, SEO/marketing, maintenance/support, security and WCAG audits, and will work on websites at a reasonable rate.
- cmshelplive
- Joomla! Enthusiast
- Posts: 171
- Joined: Thu Dec 09, 2010 9:52 am
- Location: United States
- Contact:
Re: I've been hacked!
CMSHelpLive Joomla Support
https://cmshelplive.com
https://cmshelplive.com