
I have had my site suspended due to security issue

Posted: Sat Dec 01, 2007 2:38 pm
by fcoulter
Hi, my hosting company have suspended scripting on my site due to a security problem with Joomla 1.5. I will repeat the message I received from them:

Your site was disabled as it was found to be running a daemon; this appears to have been injected into your site using a security hole in one of your site's scripts. A couple of lines from the server logs that show how this was done are below. You will need to contact the script providers for assistance with securing them against this form of attack.

[EDIT MOD: details of hacking deleted. Forwarded to devs for checking]


This was a demo site that I was using for your template contest. I can't help wondering if this was deliberate sabotage.

Re: I have had my site suspended due to security issue

Posted: Sat Dec 01, 2007 2:56 pm
by infograf768
Please do not post details of hacks.
I am forwarding this to the devs to have a look.
What exactly was the SVN version used?

Re: I have had my site suspended due to security issue

Posted: Sat Dec 01, 2007 3:23 pm
by fcoulter
The version was

1.5.0 Beta 2 Released [04-May-2007]

Sorry about posting the details of the hack - the trouble is that you don't seem to provide anywhere non-public to post these, and I wanted to make you aware of the problem as soon as possible, as it has caused major problems for my site and potentially could for others too I would guess.

Re: I have had my site suspended due to security issue

Posted: Sat Dec 01, 2007 3:39 pm
by infograf768
It is a well-known fact that vulnerabilities in beta2 have been solved in later releases and this was made VERY CLEAR in the 3 following RC announcements.
Sorry you have been hacked, but you, as a coder, should have followed the 1.5 development status with more attention.

If you have some security issues with further releases, please PM a moderator with details.

You may overwrite your beta2 files with the latest nightly build. Look at the upgrading board. There are some SQL diffs to run with phpMyAdmin.

Re: I have had my site suspended due to security issue

Posted: Sat Dec 01, 2007 3:46 pm
by infograf768
Moving to 1.5 security board

Re: I have had my site suspended due to security issue

Posted: Sun Dec 02, 2007 11:09 am
by fcoulter
OK thanks,

pardon me for being a bit pissed off that I went to the trouble of producing a free Joomla template and someone used that as an opportunity to trash my site - sadly there seem to be some very unpleasant people on the internet these days. However I don't think any long-term damage has been caused. You are right that I should have been more careful, I suppose I didn't think that anyone would bother hacking a purely demonstration site. I can't really see the point myself, other than pure vandalism.