Hacked by "Net Devil"..needs HELP!
Moderator: General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
-
- Joomla! Fledgling
- Posts: 2
- Joined: Sat Jun 24, 2006 9:03 am
Hacked by "Net Devil"..needs HELP!
Hi!
My homepage (floberghagen.com) has been "hacked" by NetDevil-for the old T!M35!...
I can not log on my admin, and dont know how to troubleshoot this...
Anybody out there that know how this can be fixed??
Probably/i hope it`s only the index-file he/she has taken.....?
Trond
My homepage (floberghagen.com) has been "hacked" by NetDevil-for the old T!M35!...
I can not log on my admin, and dont know how to troubleshoot this...
Anybody out there that know how this can be fixed??
Probably/i hope it`s only the index-file he/she has taken.....?
Trond
- Tonie
- Joomla! Master
- Posts: 16553
- Joined: Thu Aug 18, 2005 7:13 am
Re: Hacked by "Net Devil"..needs HELP!
Have you read this thread? This could be a good start.
-
- Joomla! Fledgling
- Posts: 2
- Joined: Sat Jun 24, 2006 9:03 am
Re: Hacked by "Net Devil"..needs HELP!
Thanks! I didn`t do that, bur via my FTP i updated the index.php and mambo.php, and got my page back
How can i prevent this in the future?? I use version 4.5.2. How do the hackers realy replace å new index file on my server? Are there anything i can do the improve the security?
Trond
How can i prevent this in the future?? I use version 4.5.2. How do the hackers realy replace å new index file on my server? Are there anything i can do the improve the security?
Trond
Re: Hacked by "Net Devil"..needs HELP!
Many things can be done to improve security.dr.t wrote: Are there anything i can do the improve the security?
Trond
Here is just a few things anyone can do, but security in general goes far beyond the scope of a simple forum post.
Basic things include, make sure you are patched to the highest current level of your software, *NIX or Windows
Backup to physical removeable media. Backup often
Only allow file and directory permissions as needed
Remove any and all unwary software & services from your server
Use a SPI firewall at the minimum, layer 7 firewall if possible
-
- Joomla! Enthusiast
- Posts: 141
- Joined: Wed Sep 07, 2005 5:18 pm
- Location: The Netherlands
- Contact:
Re: Hacked by "Net Devil"..needs HELP!
upgrade to joomla! 1.09 !!!! you are a sitting duck like thisdr.t wrote: Thanks! I didn`t do that, bur via my FTP i updated the index.php and mambo.php, and got my page back
How can i prevent this in the future?? I use version 4.5.2. How do the hackers realy replace å new index file on my server? Are there anything i can do the improve the security?
Trond
Signature rules: http://forum.joomla.org/index.php/topic,65.0.html
Only exact url's allowed
Only exact url's allowed
- grace
- Joomla! Enthusiast
- Posts: 113
- Joined: Wed Sep 14, 2005 5:59 am
- Contact:
Re: Hacked by "Net Devil"..needs HELP!
Hi:
You can add this roules in your .htaccess file
RewriteEngine ON
RewriteCond %{THE_REQUEST} cmd=cd [NC]
RewriteCond %{THE_REQUEST} perl
RewriteRule ^(.*)$ http://127.0.0.1/ [R=301,L]
Then go to your cpanel and set a Password Protect Directories in the files Administrator of your Mambo.
And for more security event the folder components/com_content.
The next time you will need access at the backend write the two password.
Good luck!
You can add this roules in your .htaccess file
RewriteEngine ON
RewriteCond %{THE_REQUEST} cmd=cd [NC]
RewriteCond %{THE_REQUEST} perl
RewriteRule ^(.*)$ http://127.0.0.1/ [R=301,L]
Then go to your cpanel and set a Password Protect Directories in the files Administrator of your Mambo.
And for more security event the folder components/com_content.
The next time you will need access at the backend write the two password.
Good luck!
-
- Joomla! Enthusiast
- Posts: 136
- Joined: Sun Sep 11, 2005 7:46 pm
- Location: san francisco, ca usa
Re: Hacked by "Net Devil"..needs HELP!
Does this .htaccess update work with the new 1.10 security release or is it unnecessary?
Seems like a safe thing to do but I don't want to create a conflict with other changes.
Thanks for your input.
Seems like a safe thing to do but I don't want to create a conflict with other changes.
Thanks for your input.
- grace
- Joomla! Enthusiast
- Posts: 113
- Joined: Wed Sep 14, 2005 5:59 am
- Contact:
Re: Hacked by "Net Devil"..needs HELP!
Yes, the roules work with all version. And with others programs or files in your web.
You will be more safe.
Bye
You will be more safe.
Bye
-
- Joomla! Enthusiast
- Posts: 113
- Joined: Thu Jun 01, 2006 11:23 pm
Re: Hacked by "Net Devil"..needs HELP!
Just to pick on one point, what methods can one use to backup the website ? What files should one backup ? The whole site, or just particular files.digitaldentist wrote:Many things can be done to improve security.dr.t wrote: Are there anything i can do the improve the security?
Trond
Here is just a few things anyone can do, but security in general goes far beyond the scope of a simple forum post.
Basic things include, make sure you are patched to the highest current level of your software, *NIX or Windows
Backup to physical removeable media. Backup often
Only allow file and directory permissions as needed
Remove any and all unwary software & services from your server
Use a SPI firewall at the minimum, layer 7 firewall if possible
.
-
- Joomla! Hero
- Posts: 2454
- Joined: Sun Aug 28, 2005 5:03 pm
Re: Hacked by "Net Devil"..needs HELP!
General rule...what methods can one use to backup the website ? What files should one backup ? The whole site, or just particular files.
1 - Back up all files after each install of a component, module, template or bot! You do not need to backup regularly since these files don';t change regularly unless you install something.
2 - Back up your images folder after each site update or content post or once a week if you update often.
3 - If possible use a mirroring FTP tool to automatically keep a local copy of your site as changes are made!
4 - Set up a cron or use some backup utility to backup the database often! Once a day is the safest but once a week will do...
5 - If you have the space you might want to save all these backups on the server in a protected non-public area to save you transfer time should you need to restore a hacked site!
I don't suggest writing content in the Joomla Editor...Better to create it locally and then paste it into the J! editor...Just save those files for a week and you should be able to restore whatever you missed if something happens between backups!
- crash777
- Joomla! Explorer
- Posts: 334
- Joined: Sat Sep 03, 2005 1:56 am
- Location: Upstate New York
Re: Hacked by "Net Devil"..needs HELP!
Any suggestions on either rule 2 or rule 4?Asphyx wrote:General rule...what methods can one use to backup the website ? What files should one backup ? The whole site, or just particular files.
2 - Back up your images folder after each site update or content post or once a week if you update often.
4 - Set up a cron or use some backup utility to backup the database often! Once a day is the safest but once a week will do...
Thanks!
Aaron
Aaron
-
- Joomla! Hero
- Posts: 2454
- Joined: Sun Aug 28, 2005 5:03 pm
Re: Hacked by "Net Devil"..needs HELP!
Well if you don't know how to set up a cron don't try #4....Also if you rent a server you might not even have the ability to set up a cron...
As for #2 even a simple ftp mirrior utility could be used locally to syncronize with your images folders to make a backup whenever a filke is changed...
As for #2 even a simple ftp mirrior utility could be used locally to syncronize with your images folders to make a backup whenever a filke is changed...
- crash777
- Joomla! Explorer
- Posts: 334
- Joined: Sat Sep 03, 2005 1:56 am
- Location: Upstate New York
Re: Hacked by "Net Devil"..needs HELP!
4 - I am not overly familiar with it but I lease a server and do have shell access and the ability to set up cron jobs. I think what I, as well as others may be looking for is an example script that will show us the best way to backup the necessary files...Asphyx wrote: Well if you don't know how to set up a cron don't try #4....Also if you rent a server you might not even have the ability to set up a cron...
As for #2 even a simple ftp mirrior utility could be used locally to syncronize with your images folders to make a backup whenever a filke is changed...
2 - I use the backup built into WHM.. incremental FTP backup.. not a mirror as it only runs once a day.. does the mirror run anytime there is a change? Which utility do you use?
Thanks!
Aaron
Aaron
-
- Joomla! Hero
- Posts: 2454
- Joined: Sun Aug 28, 2005 5:03 pm
Re: Hacked by "Net Devil"..needs HELP!
Here is a good link to making a cron script and using crontab...4 - I am not overly familiar with it but I lease a server and do have shell access and the ability to set up cron jobs. I think what I, as well as others may be looking for is an example script that will show us the best way to backup the necessary files...
http://www.scrounge.org/linux/cron.html
an example would be:
10 0 * * 6 cp /path/to/webroot/* /path/to/backup/files
Will copy all files from webroot top your backup folder on saturday 12:10 am
the command your going to run is a simply copy from one folder to the other. use whatever command your OS uses to copy files from one place to another. Make sure the backups are being copied to a non public folder unreachable by the webserver (above public_html) but available by FTP.
I personally use Dreamweaver to sync my local files to the server. But if you run windows locally look for FTPSync as an option. http://www.fileware.com/products.htm2 - I use the backup built into WHM.. incremental FTP backup.. not a mirror as it only runs once a day.. does the mirror run anytime there is a change? Which utility do you use?
Dreamweaver will automatically sync the local and remote files and if something has changed will even alert me that a change outside of dreamweaver has been made!
Remember you really only need to sync and regularly backup the images folder as that changes as content is added...