Need quick help !!

Discussion regarding Joomla! 1.5 security issues.
Joomla! Vulnerable Extensions: ... Extensions

Moderator: General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 160
Joined: Sun Mar 12, 2006 7:11 pm

Need quick help !!

Post by Floranett » Sun Dec 09, 2007 7:35 pm

My hosting provider keep closing my site over and over because of intruders/hackers all the time, and now I need help guys.
I paste some of the lines from my hosting provider for you to see: - - [09/Dec/2007:18:21:31 +0100] "GET /administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path= HTTP/1.1" 200 58 "-" "libwww-perl/5.79" - - [09/Dec/2007:18:23:48 +0100] "GET //components/com_zoom/includes/database.php?mosConfig_absolute_path= HTTP/1.1" 404 - "-" "libwww-perl/5.808" - - [09/Dec/2007:18:40:03 +0100] "GET //index.php?option=index.php?option=com_wrapper&Itemid=&mosConfig_absolute_path= HTTP/1.1" 200 164 "-" "libwww-perl/5.808"

This is the lines, and of course more of them.

zOOm Media Gallery:
I use the zOOm 2.5.1 RC2 and will an update to 2.5.1 RC4 (week 8) secure it, and can I manuel update it without loosing my pictures?

Community Builder:
I use the 1.0.1 and don't know how to secure this  :-[

Will the allow_url_fopen = Off in the php.ini fix this?

I use Joomla 1.0.13 and register globals is set to OFF.

Maybe I shouls tell you more (?)...but need quick help to solve this.

Please help !

Forgot to mention I added the security fix (the 2 EXIF files) to zOOm.
Last edited by Floranett on Sun Dec 09, 2007 7:43 pm, edited 1 time in total.

User avatar
Joomla! Exemplar
Joomla! Exemplar
Posts: 9356
Joined: Sun Oct 22, 2006 4:42 am
Location: Sunshine Coast, Queensland, Australia

Re: Need quick help !!

Post by RussW » Mon Dec 10, 2007 2:17 am

Please review the following FAQ's ASAP, you will find a wealth of information related to your issues.

  Security & Performance FAQ

It is not recommended to leave your sites publicly available and exploited, as it will only serve to promote the offenders ego and kudos and potentially expose the rest of the server to attack.

The above mentioned FAQ will provide with more than enough information to assist you in further securing your sites.

Particular entries of note and to pay attention to, are;

  Joomla! Administrator's Security Checklist

  Help! My site's been compromised. Now what?

  Vulnerable Extension List

  Joomla! Tools Suite
  How can I check my Joomla! installation's overall security and health?

  What does Joomla! have to do with file permissions?
Joomla! on the fabulous Sunshine Coast...
hotmango, web & print
The Styleguyz



Return to “Security in Joomla! 1.5”