Joomla! Discussion Forums



Posted: Wed Oct 29, 2008 6:06 pm
Joomla! Apprentice

Joined: Fri Dec 21, 2007 3:34 pm
Posts: 5
Just wanted to add that I just saw the same user registration on an old 1.0.13 site I had forgotten about.


Posted: Wed Oct 29, 2008 7:27 pm
Joomla! Intern

Joined: Tue Jun 13, 2006 3:20 am
Posts: 58
Is there a way to check if new content has been placed on your page, or do you have to do it manually? Six of my sites had margarittaes as a visitor. Need to make sure they're ok.


Posted: Wed Oct 29, 2008 10:57 pm
Joomla! Apprentice

Joined: Thu Mar 23, 2006 12:35 pm
Posts: 15
Had the same user registration. I noticed index.php and index.html in the root had a load of html links added all about viagra! Not seen any other modified files yet.

_________________
Save your red cousin!
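
A baseline-and-compare check is one way to answer the earlier question about spotting changed pages without looking by hand, and to catch the kind of link injection reported above for index.php and index.html. This is an added example, not part of any poster's message; it assumes GNU `sha256sum` is installed, and the keyword, paths and sample files are constructed.

```shell
#!/bin/sh
# Added example: baseline-and-compare check for a web root (needs sha256sum).
# The keyword, paths and sample files below are constructed for illustration.

# Print a sorted "hash  ./path" manifest of every .php/.html file under $1.
make_manifest() {
    ( cd "$1" && find . -type f \( -name '*.php' -o -name '*.html' \) \
        -exec sha256sum {} + | LC_ALL=C sort )
}

# Print files under $1 that are new or changed relative to baseline file $2.
changed_files() {
    cur=$(mktemp) || return 1
    make_manifest "$1" > "$cur"
    LC_ALL=C comm -13 "$2" "$cur" | sed 's/^[0-9a-f]*  //'
    rm -f "$cur"
}

# Of the changed files, print those where a link and keyword regex $3 share a line.
spam_hits() {
    changed_files "$1" "$2" | while IFS= read -r f; do
        if grep -q -i -E "href=.*($3)|($3).*href=" -- "$1/$f"; then
            printf '%s\n' "$f"
        fi
    done
}

demo() {
    root=$(mktemp -d) && base=$(mktemp) || return 1
    printf '<?php echo "home"; ?>\n' > "$root/index.php"
    printf '<html><body>ok</body></html>\n' > "$root/index.html"
    make_manifest "$root" > "$base"      # baseline taken while the site is clean
    # Constructed tampering: one injected spam link, one harmless edit.
    printf '<a href="http://spam.example/">cheap viagra</a>\n' >> "$root/index.php"
    printf '<!-- edited -->\n' >> "$root/index.html"
    echo "changed since baseline:"; changed_files "$root" "$base"
    echo "changed and carrying spam links:"; spam_hits "$root" "$base" 'viagra'
    rm -rf "$root" "$base"
}
demo
```

Keep the baseline manifest outside the web root and regenerate it after each legitimate upgrade. Articles stored in the database are not covered and need a separate check of recently modified content items.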


Posted: Thu Oct 30, 2008 12:57 am
Joomla! Apprentice

Joined: Wed Nov 21, 2007 9:24 pm
Posts: 20
Location: Massachusetts
I too got hit just now...

So far only one site of the few I have running Joomla 1.0.15

One reason I like Joomla is this very community.

Amazingly I did a search for the user email address on Google and got one link ... to this forum post.

As many have mentioned ... it is all part of the game sadly. Still many thanks to all and bookmark those Security pages people.

_________________
'The facts ma'am..nothing but the facts.'

Joe Friday - Peace Officer


Posted: Thu Oct 30, 2008 2:30 am
Joomla! Explorer

Joined: Sat Apr 26, 2008 6:05 am
Posts: 275
Location: New Jersey
Install reCAPTCHA and put the list from perishablepress to block spam bots. ModSecurity with arguments block such as viagra etc. would help as well. mod_spamhaus is doing a great job blocking spammers.


Posted: Thu Oct 30, 2008 4:20 pm
Joomla! Fledgling

Joined: Thu Nov 01, 2007 10:50 pm
Posts: 1
She is also going by Sienioritta. Apparently registering with sites all over the place. 6-7 of mine have been registered in the last 36 hours...

M.


Posted: Thu Oct 30, 2008 5:16 pm
Joomla! Fledgling

Joined: Sun Jan 06, 2008 7:20 pm
Posts: 3
:eek: Yep margarittaes registered here too. No links in joomla index.php or template index.php here tho.


Posted: Thu Oct 30, 2008 5:20 pm
Joomla! Explorer

Joined: Sat Apr 26, 2008 6:05 am
Posts: 275
Location: New Jersey
If everyone will start posting the spam attempts we will flood the forum... :)


Posted: Thu Oct 30, 2008 6:03 pm
Joomla! Apprentice

Joined: Wed May 10, 2006 5:22 pm
Posts: 7
Looks like this is targeting 1.0.14 or earlier sites. We have a few that haven't been updated to 1.0.15 and they're the only ones with registrations for Margaret and Sienioritta.

Looks like someone has written a script to access the default registration module as though it were published, but unless you've hacked the module to allow blind acceptance for newly registered users it will leave these new users disabled.


Posted: Thu Oct 30, 2008 8:36 pm
Joomla! Apprentice

Joined: Sun Jan 20, 2008 11:37 pm
Posts: 27
<deleted>


Last edited by IAAF on Thu Nov 06, 2008 5:52 am, edited 1 time in total.

Posted: Thu Oct 30, 2008 9:36 pm
Joomla! Guru

Joined: Tue Jun 06, 2006 7:41 am
Posts: 808
Location: Third planet from Sol
Unless you've really messed up your server security settings, simply getting bogus registrations--validated or not--shouldn't expose your site's files to modification.

Unless you've really messed up your Joomla security settings and user permissions, even if this attack is able to create a usable Joomla account, the worst they should be able to do is add some junk to your content items. This content will be stored in the database, not the file server. If this is your situation, just look for recently modified content items.

If all they need to do is create a Joomla account in order to modify your index.php, template files, etc., then you really need to find a qualified person to help you secure your site. No site should be left so insecure, and none need to be.

_________________
Web Home: http://www.ronliskey.com
Support http://support.educationgrove.com


Posted: Fri Oct 31, 2008 4:46 am
Joomla! Apprentice

Joined: Fri Mar 07, 2008 6:42 am
Posts: 25
Hi,

3 of my sites got visited by Margaret and Sienioritta. But on those 3 sites, user registration and frontend login were disabled from the global config in admin. Can anyone suggest what I should do to protect the sites now?

I have many other sites using Joomla! 1.0.12 Stable. Please someone suggest me how do I protect other sites?

Waiting for some help urgently.

Thanks


Posted: Fri Oct 31, 2008 5:03 am
Joomla! Intern

Joined: Wed Nov 21, 2007 7:31 pm
Posts: 51
Location: Pune
thewebxpert check response by adamos46

_________________
Do Something. Prioritize and focus

Have you checked out my blog today?.... No, do it now http://amiworks.co.in/talk/category/joomla

Join Joomla User Group Pune discussion group http://groups.google.com/group/jugpune


Posted: Fri Oct 31, 2008 5:29 am
Joomla! Champion

Joined: Sun Oct 22, 2006 4:42 am
Posts: 5286
Location: Queensland, Australia
@ALL

Remorseless reporting of bogus attempts or successful registrations by a bot does not assist anyone.

Joomla! v1.0 users
- If you are below J! 1.0.15 - upgrade immediately

Joomla! v1.5 users
- If you are below J! 1.5.7 - upgrade immediately

- Install a CAPTCHA, RE-CAPTCHA extension

- Ensure that registrations REQUIRE confirmation

_________________

** Moved to Queensland** still on/offline intermittently, will be awhile yet.
Joomla! Tools Suite v2 Beta2 release available at http://joomlacode.org/gf/project/jts/


Posted: Mon Nov 03, 2008 12:53 pm
Joomla! Apprentice

Joined: Thu Oct 23, 2008 11:41 pm
Posts: 6
Hi

My question is linked to this issue... I want to 'approve' new members (in the back end) before they get access to the registered part of my site.

So the process is that they fill in the registration form, which sets them up but sends ME an email to alert me to their registration request - if I approve it then it sends the registration confirmation email to the user. Although I appreciate this is not practical for everyone, it would solve this problem and would be a great security option for smaller community sites with private information!

Any ideas if this can be done or if there is an extension that will enable me to achieve something similar?

I have Joomla 1.5.7 installed.

Thanks :)


Posted: Tue Nov 04, 2008 1:48 am
Joomla! Apprentice

Joined: Sun Jan 20, 2008 11:37 pm
Posts: 27
I use Community Builder (website is http://www.joomlapolis.com/) along with and JUGA (website is http://www.dioscouri.com/juga/ ). The three work very well together for me and what needs we have for our site.


Posted: Tue Nov 04, 2008 12:03 pm
Joomla! Apprentice

Joined: Thu Oct 23, 2008 11:41 pm
Posts: 6
I have looked at Community Builder, but it seems a bit like using a sledge hammer to crack a nut! I was hoping to find a smaller and simpler option as I don't need the rest of what it has to offer. Thanks for the suggestion though :-)


Posted: Wed Nov 05, 2008 11:07 pm
Joomla! Guru

Joined: Tue Jun 06, 2006 7:41 am
Posts: 808
Location: Third planet from Sol
Quote:
I have many other sites using Joomla! 1.0.12 Stable. Please someone suggest me how do I protect other sites?

upgrade

_________________
Web Home: http://www.ronliskey.com
Support http://support.educationgrove.com


Posted: Thu Nov 06, 2008 1:24 am
Joomla! Guru

Joined: Tue Jun 06, 2006 7:41 am
Posts: 808
Location: Third planet from Sol
Any chance forum moderators can delete all the useless forum posts about obsolete versions of some application getting 'hacked'?

Reporting that an obsolete application got compromised tells us absolutely nothing new. It does say something about the site maintainer, but who cares.

If you can't do that (out of politeness?), then how about at least moving such posts to a forum called, "Obsolete and Redundant Posts". That way we don't have to wade through that garbage when looking for real information.

_________________
Web Home: http://www.ronliskey.com
Support http://support.educationgrove.com


Posted: Thu Nov 06, 2008 2:15 am
Joomla! Apprentice

Joined: Thu Aug 10, 2006 12:46 am
Posts: 19
Location: Dallas, TX
rliskey wrote:
Any chance forum moderators can delete all the useless forum posts about obsolete versions of some application getting 'hacked'?

Reporting that an obsolete application got compromised tells us absolutely nothing new. It does say something about the site maintainer, but who cares.

If you can't do that (out of politeness?), then how about at least moving such posts to a forum called, "Obsolete and Redundant Posts". That way we don't have to wade through that garbage when looking for real information.


ROTFLOL! I fell off my chair.

If these people would only read the security stickies before posting... but that's not gonna happen.

Even if they do read the stickies, I think that some posters may just want a "cup of tea and sympathy". Or are just so new to CMS systems that they just don't understand that updates really do need to be applied (the "if it ain't broke, don't fix it" mentality).

This very same mentality keeps me in the computer repair business because people can't be bothered to renew their antivirus programs! Even the FREE ones!

Others may be just so panicked that they just need reassurance and hand-holding.

So, even though I personally think that your idea has merit, the alienation factor would outweigh the benefits...

Not to mention that the moderators would probably have to clear out 75% of all posts, anywhere!!! :D

By the way, I have found a lot of your posts really helpful to me!

_________________
Consistently voted "Seriously Geeky Go-To Gal" by friends and family who use my expertise, but don't pay me. Does that count on a resume?


Posted: Thu Nov 13, 2008 2:34 am
Joomla! Virtuoso

Joined: Mon Mar 20, 2006 1:56 am
Posts: 3688
Location: The Girly Side of Joomla in Sussex
Agreed with what stoney2you (great another geekette to add to the fold!) says, along with what RussW said a few posts above and also with what Brad is always saying.
Mods - official "Can we lock this topic now" post.
Thanks

_________________
HU2HY - GIGO - Poor questions = Poor answer
Un requested Help PM's will be added to the foe list and just deleted
http://community.joomla.org/ Connect Administrator
Have you read the instructions? Have you searched?

