The Joomla! Forum ™



Posted: Sat Jun 24, 2006 9:16 am
Joomla! Fledgling

Joined: Sat Jun 24, 2006 9:03 am
Posts: 2
Hi!
My homepage (floberghagen.com) has been "hacked" by NetDevil-for the old T!M35!... >:(

I cannot log on to my admin, and don't know how to troubleshoot this... :(

Anybody out there that knows how this can be fixed??

Probably/I hope it's only the index file he/she has taken.....?

Trond


Posted: Sat Jun 24, 2006 9:22 am
Joomla! Master

Joined: Thu Aug 18, 2005 7:13 am
Posts: 16549
Have you read this thread? This could be a good start.

_________________
Joomla forum global moderator.

Have fun


Posted: Sat Jun 24, 2006 1:18 pm
Joomla! Fledgling

Joined: Sat Jun 24, 2006 9:03 am
Posts: 2
Thanks! I didn't do that, but via my FTP I updated the index.php and mambo.php, and got my page back :)

How can I prevent this in the future?? I use version 4.5.2. How do the hackers really replace a new index file on my server? Is there anything I can do to improve the security?

Trond


Posted: Sat Jun 24, 2006 2:02 pm
dr.t wrote:
Is there anything I can do to improve the security?

Trond

Many things can be done to improve security.
Here are just a few things anyone can do, but security in general goes far beyond the scope of a simple forum post.
Basic things include: make sure you are patched to the highest current level of your software, *NIX or Windows
Back up to physical removable media. Back up often
Only allow file and directory permissions as needed
Remove any and all unwary software & services from your server
Use a SPI firewall at the minimum, layer 7 firewall if possible


Posted: Sat Jun 24, 2006 2:56 pm
Joomla! Enthusiast
Joined: Wed Sep 07, 2005 5:18 pm
Posts: 141
Location: The Netherlands
dr.t wrote:
Thanks! I didn't do that, but via my FTP I updated the index.php and mambo.php, and got my page back :)

How can I prevent this in the future?? I use version 4.5.2. How do the hackers really replace a new index file on my server? Is there anything I can do to improve the security?

Trond


Upgrade to Joomla! 1.09 !!!! You are a sitting duck like this ;)

_________________
Signature rules: http://forum.joomla.org/index.php/topic,65.0.html
Only exact url's allowed


Posted: Sun Jun 25, 2006 7:34 am
Joomla! Enthusiast
Joined: Wed Sep 14, 2005 5:59 am
Posts: 113
Hi:
You can add these rules to your .htaccess file

RewriteEngine ON
RewriteCond %{THE_REQUEST} cmd=cd [NC]
RewriteCond %{THE_REQUEST} perl
RewriteRule ^(.*)$ http://127.0.0.1/ [R=301,L]

Then go to your cPanel and set Password Protect Directories on the administrator folder of your Mambo.
And for more security, even the folder components/com_content.
The next time you need access to the backend, enter the two passwords.
Good luck!
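
How Apache evaluates the four lines in the post above, as an added example that is not part of the original post: consecutive RewriteCond lines are ANDed unless one carries [OR], and [NC] applies only to the condition it is attached to. The request lines are constructed samples, and `rule_fires` and `classify` are hypothetical helper names.

```shell
#!/bin/sh
# Added example: which request lines the posted rule set redirects.
# rule_fires/classify are hypothetical names; sample requests are constructed.

# %{THE_REQUEST} is the raw request line, e.g. "GET /index.php HTTP/1.1".
# Exit status 0 = RewriteRule applies (301 to http://127.0.0.1/), 1 = it does not.
rule_fires() {
    # RewriteCond %{THE_REQUEST} cmd=cd [NC]   (case-insensitive)
    printf '%s\n' "$1" | grep -qi 'cmd=cd' || return 1
    # RewriteCond %{THE_REQUEST} perl          (no [NC]: case-sensitive)
    printf '%s\n' "$1" | grep -q 'perl' || return 1
    # No [OR] flag on either condition, so both must have matched.
    return 0
}

classify() {
    if rule_fires "$1"; then echo REDIRECT; else echo PASS; fi
}

# Constructed request lines, one per line.
while IFS= read -r line; do
    printf '%-8s %s\n' "$(classify "$line")" "$line"
done <<'EOF'
GET /index.php?option=com_content&task=view&id=1 HTTP/1.1
GET /index.php?x=cmd=cd%20/tmp;perl%20a.pl HTTP/1.1
GET /index.php?x=CMD=CD%20/tmp;perl%20a.pl HTTP/1.1
GET /index.php?x=cmd=cd%20/tmp HTTP/1.1
GET /docs/perl-tutorial.html HTTP/1.1
EOF
```

A PASS means the request reaches Mambo/Joomla unchanged, so the rule set works alongside the upgrade advised earlier in the thread and does not replace it.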


Posted: Mon Jun 26, 2006 6:21 pm
Joomla! Enthusiast

Joined: Sun Sep 11, 2005 7:46 pm
Posts: 136
Location: san francisco, ca usa
Does this .htaccess update work with the new 1.10 security release or is it unnecessary?
Seems like a safe thing to do but I don't want to create a conflict with other changes.

Thanks for your input.


Posted: Mon Jun 26, 2006 10:10 pm
Joomla! Enthusiast

Joined: Wed Sep 14, 2005 5:59 am
Posts: 113
Yes, the rules work with all versions. And with other programs or files in your web.
You will be safer.
Bye


Posted: Tue Jun 27, 2006 12:34 pm
Joomla! Enthusiast

Joined: Thu Jun 01, 2006 11:23 pm
Posts: 113
digitaldentist wrote:
dr.t wrote:
Is there anything I can do to improve the security?

Trond

Many things can be done to improve security.
Here are just a few things anyone can do, but security in general goes far beyond the scope of a simple forum post.
Basic things include: make sure you are patched to the highest current level of your software, *NIX or Windows
Back up to physical removable media. Back up often
Only allow file and directory permissions as needed
Remove any and all unwary software & services from your server
Use a SPI firewall at the minimum, layer 7 firewall if possible


Just to pick on one point, what methods can one use to back up the website? What files should one back up? The whole site, or just particular files?


Posted: Tue Jun 27, 2006 1:24 pm
Joomla! Hero

Joined: Sun Aug 28, 2005 5:03 pm
Posts: 2447
Quote:
what methods can one use to back up the website? What files should one back up? The whole site, or just particular files?


General rule...
1 - Back up all files after each install of a component, module, template or bot! You do not need to back up regularly since these files don't change regularly unless you install something.

2 - Back up your images folder after each site update or content post or once a week if you update often.

3 - If possible use a mirroring FTP tool to automatically keep a local copy of your site as changes are made!

4 - Set up a cron or use some backup utility to back up the database often! Once a day is the safest but once a week will do...

5 - If you have the space you might want to save all these backups on the server in a protected non-public area to save you transfer time should you need to restore a hacked site!


I don't suggest writing content in the Joomla Editor...Better to create it locally and then paste it into the J! editor...Just save those files for a week and you should be able to restore whatever you missed if something happens between backups!


Posted: Tue Jul 25, 2006 11:06 am
Joomla! Explorer
Joined: Sat Sep 03, 2005 1:56 am
Posts: 334
Location: Upstate New York
Asphyx wrote:
Quote:
what methods can one use to back up the website? What files should one back up? The whole site, or just particular files?


General rule...
2 - Back up your images folder after each site update or content post or once a week if you update often.

4 - Set up a cron or use some backup utility to back up the database often! Once a day is the safest but once a week will do...

Any suggestions on either rule 2 or rule 4?

_________________
Thanks!
Aaron


Posted: Wed Jul 26, 2006 12:36 am
Joomla! Hero

Joined: Sun Aug 28, 2005 5:03 pm
Posts: 2447
Well if you don't know how to set up a cron don't try #4....Also if you rent a server you might not even have the ability to set up a cron...

As for #2 even a simple FTP mirror utility could be used locally to synchronize with your images folders to make a backup whenever a file is changed...


Posted: Wed Jul 26, 2006 10:31 am
Joomla! Explorer
Joined: Sat Sep 03, 2005 1:56 am
Posts: 334
Location: Upstate New York
Asphyx wrote:
Well if you don't know how to set up a cron don't try #4....Also if you rent a server you might not even have the ability to set up a cron...

As for #2 even a simple FTP mirror utility could be used locally to synchronize with your images folders to make a backup whenever a file is changed...


4 - I am not overly familiar with it but I lease a server and do have shell access and the ability to set up cron jobs. I think what I, as well as others may be looking for is an example script that will show us the best way to back up the necessary files...

2 - I use the backup built into WHM.. incremental FTP backup.. not a mirror as it only runs once a day.. does the mirror run anytime there is a change? Which utility do you use?

_________________
Thanks!
Aaron


Posted: Wed Jul 26, 2006 2:51 pm
Joomla! Hero

Joined: Sun Aug 28, 2005 5:03 pm
Posts: 2447
Quote:
4 - I am not overly familiar with it but I lease a server and do have shell access and the ability to set up cron jobs. I think what I, as well as others may be looking for is an example script that will show us the best way to back up the necessary files...


Here is a good link to making a cron script and using crontab...
http://www.scrounge.org/linux/cron.html

An example would be:
10 0 * * 6 cp -Rp /path/to/webroot/. /path/to/backup/files/

Will copy all files from webroot to your backup folder on Saturday at 12:10 am


The command you're going to run is simply a copy from one folder to the other. Use whatever command your OS uses to copy files from one place to another. Make sure the backups are being copied to a non-public folder unreachable by the webserver (above public_html) but available by FTP.

Quote:
2 - I use the backup built into WHM.. incremental FTP backup.. not a mirror as it only runs once a day.. does the mirror run anytime there is a change? Which utility do you use?


I personally use Dreamweaver to sync my local files to the server. But if you run Windows locally look for FTPSync as an option. http://www.fileware.com/products.htm

Dreamweaver will automatically sync the local and remote files and if something has changed will even alert me that a change outside of Dreamweaver has been made!

Remember you really only need to sync and regularly backup the images folder as that changes as content is added...
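
One way to script the file backup discussed in this thread (the general rules on backing up files and the cron advice above), as an added example that is not from any poster: it archives the whole web root, subdirectories and dotfiles included, into a dated owner-only file outside the web root and prunes old copies. `backup_site`, its arguments and all paths are hypothetical; the database dump from rule 4 is not covered.

```shell
#!/bin/sh
# Added example, not from the thread: dated, owner-only archive of a web root.
# backup_site and all paths are hypothetical.

# backup_site SRC_DIR DEST_DIR KEEP -> prints the new archive's path.
# The body is a subshell, so umask and variables do not leak to the caller.
backup_site() (
    keep=$3
    src=$(cd "$1" 2>/dev/null && pwd -P) || { echo "no web root: $1" >&2; exit 1; }
    # The archive holds configuration.php (database password): owner-only.
    umask 077
    mkdir -p "$2" || exit 1
    dest=$(cd "$2" && pwd -P) || exit 1
    # Enforce the advice from the thread: backups live outside the web root.
    case "$dest/" in
        "$src"/*) echo "refusing: $dest is inside the web root" >&2
                  rmdir "$dest" 2>/dev/null; exit 2 ;;
    esac
    archive="$dest/site-$(date +%Y%m%d-%H%M%S).tar.gz"
    # "-C src ." includes subdirectories and dotfiles such as .htaccess.
    tar -czf "$archive" -C "$src" . || { rm -f "$archive"; exit 1; }
    # An archive that cannot be listed back is not a backup.
    tar -tzf "$archive" >/dev/null || { rm -f "$archive"; exit 1; }
    # Names sort chronologically; delete everything past the newest $keep.
    ls -1 "$dest"/site-*.tar.gz | sort -r | tail -n +"$((keep + 1))" |
        while IFS= read -r old; do rm -f "$old"; done
    printf '%s\n' "$archive"
)

# Saturday 00:10, as in the post (crontab line; script path is a placeholder):
# 10 0 * * 6 /path/to/backup_site.sh /path/to/webroot /path/to/backup/files 8
if [ "$#" -eq 3 ]; then backup_site "$@"; fi
```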

