Advertisement
My website is being blocked because of JS:Clickjack-A [Trj]
Moderators: mandville, General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
-
- Joomla! Fledgling
- Posts: 2
- Joined: Fri Aug 02, 2013 10:19 pm
My website is being blocked because of JS:Clickjack-A [Trj]
I
My website was updated from joomla 2.5.13 to 2.5.14 and know is detected as malicious with trojan JS:Clickjack-A [Trj].
I've looked everywhere and I can't find a solution for this problem.
Any help to solve this problem is welcome.
My website was updated from joomla 2.5.13 to 2.5.14 and know is detected as malicious with trojan JS:Clickjack-A [Trj].
I've looked everywhere and I can't find a solution for this problem.
Any help to solve this problem is welcome.
Advertisement
- sitesrus
- Joomla! Ace
- Posts: 1469
- Joined: Mon Nov 12, 2012 10:48 pm
Re: My website is being blocked because of JS:Clickjack-A [T
Who's detecting your website as malicious?
Recommendations:
1)Change all your account passwords (cpanel, ftp, etc.).
2)Register and use cloudflare, all you have to do is change your name servers (free)
3)Upload fresh clean files of your joomla version over FTP and overwrite old ones (binary transfer mode)
4)Re-install all 3rd party extensions with fresh clean downloads
5)Check the JED for extensions on protecting admin backend
6)Check your server for php functions disabled and if suhosin, mod_security, things like that
7)Add captchas on your site and sign up for an account (contact form, login, registration,etc)
8)Don't use pirated commercial extensions just because they're free
This will help combat possible issues and protect you against future ones.
Recommendations:
1)Change all your account passwords (cpanel, ftp, etc.).
2)Register and use cloudflare, all you have to do is change your name servers (free)
3)Upload fresh clean files of your joomla version over FTP and overwrite old ones (binary transfer mode)
4)Re-install all 3rd party extensions with fresh clean downloads
5)Check the JED for extensions on protecting admin backend
6)Check your server for php functions disabled and if suhosin, mod_security, things like that
7)Add captchas on your site and sign up for an account (contact form, login, registration,etc)
8)Don't use pirated commercial extensions just because they're free
This will help combat possible issues and protect you against future ones.
I like working with Joomla . I offer the following professional services: Custom extension development, SEO/marketing, maintenance/support, security and WCAG audits, and will work on websites at a reasonable rate.
- mandville
- Joomla! Master
- Posts: 15157
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: My website is being blocked because of JS:Clickjack-A [T
the last paragraph is relevant to you .
[ ] Download and RUN the Forum Post Assistant / FPA Instructions available here and are also included in the download package. Post the generated results in your security/been hacked topic. Use these links to download the FPA:
Download .tar.gz version or Download the .zip version NOTE: Do not download the FPA from any other website or links found on the Internet.
[ ] Ensure you have the latest version of Joomla for your version of Joomla. Delete all files in your Joomla installation, saving a copy of the configuration.php file.
[ ] Review Vulnerable Extensions List to make sure any 3rd party extensions versions used appear on the vulnerable list.
[ ] Review and action Security Checklist 7 Make sure you've gone through all of the steps.
[ ] Scan all machines with FTP, Joomla super admin, and Joomla admin access for malware, virus, trojans, spyware, etc. Checklist 7 contains a list or recommended scanners.
[ ] Change all passwords and if possible user names for the website host control panel. Change the Joomla database user name and password.
[ ] Use proper permissions on files and directories. They should never be 777, ideal is 644 for files and 755 for directories. The configuration file can be set to 444 which is read only.
[ ] Check your htaccess for for any odd code (i.e. code which is not in the standard htaccess supplied as part of the Joomla installation).
[ ] Check the crontab or Task Scheduler for unexpected jobs/tasks.
[ ] Ensure you do not have anonymous ftp enabled.
[ ] Verify individually that any non-Joomla file such as but not limited to that will be placed back on the website such as images, pdf files, files for download, and other documents and files are valid and are supposed to be part of your website.
[ ] Replace the deleted files with fresh copies of a current full version of Joomla (minus the installation directory) you downloaded earlier. Install freshly downloaded copies of any extensions and templates used on the site. If the Joomla database user name and password were changed earlier, then make the necessary changes to the configuration.php file and upload a copy to the website. Upload any non-Joomla files that are necessary for your website. Only by replacing all files in the installation (including extensions and templates) can you be sure to remove the backdoors inserted and hidden in various files and directories More detailed information can be found in the Security Checklist 7 document.
[ ] Download and RUN the Forum Post Assistant / FPA Instructions available here and are also included in the download package. Post the generated results in your security/been hacked topic. Use these links to download the FPA:
Download .tar.gz version or Download the .zip version NOTE: Do not download the FPA from any other website or links found on the Internet.
[ ] Ensure you have the latest version of Joomla for your version of Joomla. Delete all files in your Joomla installation, saving a copy of the configuration.php file.
[ ] Review Vulnerable Extensions List to make sure any 3rd party extensions versions used appear on the vulnerable list.
[ ] Review and action Security Checklist 7 Make sure you've gone through all of the steps.
[ ] Scan all machines with FTP, Joomla super admin, and Joomla admin access for malware, virus, trojans, spyware, etc. Checklist 7 contains a list or recommended scanners.
[ ] Change all passwords and if possible user names for the website host control panel. Change the Joomla database user name and password.
[ ] Use proper permissions on files and directories. They should never be 777, ideal is 644 for files and 755 for directories. The configuration file can be set to 444 which is read only.
[ ] Check your htaccess for for any odd code (i.e. code which is not in the standard htaccess supplied as part of the Joomla installation).
[ ] Check the crontab or Task Scheduler for unexpected jobs/tasks.
[ ] Ensure you do not have anonymous ftp enabled.
[ ] Verify individually that any non-Joomla file such as but not limited to that will be placed back on the website such as images, pdf files, files for download, and other documents and files are valid and are supposed to be part of your website.
[ ] Replace the deleted files with fresh copies of a current full version of Joomla (minus the installation directory) you downloaded earlier. Install freshly downloaded copies of any extensions and templates used on the site. If the Joomla database user name and password were changed earlier, then make the necessary changes to the configuration.php file and upload a copy to the website. Upload any non-Joomla files that are necessary for your website. Only by replacing all files in the installation (including extensions and templates) can you be sure to remove the backdoors inserted and hidden in various files and directories More detailed information can be found in the Security Checklist 7 document.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
portable mini golf https://www.puttersminigolf.co.uk/
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
portable mini golf https://www.puttersminigolf.co.uk/
-
- Joomla! Fledgling
- Posts: 2
- Joined: Fri Aug 02, 2013 10:19 pm
Re: My website is being blocked because of JS:Clickjack-A [T
Thanks for the answers.
My website wasn't hacked.
It works properly but, for example, avast antivirus detects it like a trojan like I said before.
In other machines with other antivirus works fine.
I simply don't understand why Avast detects it like a trojan.
I didn't install nothing. I simply update joomla.
Still don't get it
My website wasn't hacked.
It works properly but, for example, avast antivirus detects it like a trojan like I said before.
In other machines with other antivirus works fine.
I simply don't understand why Avast detects it like a trojan.
I didn't install nothing. I simply update joomla.
Still don't get it
-
- Joomla! Apprentice
- Posts: 11
- Joined: Wed Nov 14, 2012 5:36 pm
- Location: Cincinnati, OH
- Contact:
Re: My website is being blocked because of JS:Clickjack-A [T
I am experiencing the same error on one of my Joomla websites. I have no idea how to correct this as well. I am running Avast. Keep me posted of anything that you find out.
Thanks!
Scott
Thanks!
Scott
- sitesrus
- Joomla! Ace
- Posts: 1469
- Joined: Mon Nov 12, 2012 10:48 pm
Re: My website is being blocked because of JS:Clickjack-A [T
You have to evaluate files being reported as malicious or problematic, if it's joomla compare it to a seperate joomla download (matching your version) and see if it's altered. If it's third party re-download and install the extension.
If it's a random file un-related to anything...you may have an issue and it shouldn't be there?
If it's a random file un-related to anything...you may have an issue and it shouldn't be there?
I like working with Joomla . I offer the following professional services: Custom extension development, SEO/marketing, maintenance/support, security and WCAG audits, and will work on websites at a reasonable rate.
-
- Joomla! Fledgling
- Posts: 2
- Joined: Sat Aug 03, 2013 11:36 pm
Re: My website is being blocked because of JS:Clickjack-A [T
Hi,
I have exactly the same problem but My Joomla version is 1.5.
The site has been recently recognized as dangerous by Avast only: JS:Clickjack-A.
Tanks you !
I have exactly the same problem but My Joomla version is 1.5.
The site has been recently recognized as dangerous by Avast only: JS:Clickjack-A.
Tanks you !
- mandville
- Joomla! Master
- Posts: 15157
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: My website is being blocked because of JS:Clickjack-A [T
contact the developer of your antivirus for assistance if you do not believe you are hacked or using malicious extensions
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
portable mini golf https://www.puttersminigolf.co.uk/
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
portable mini golf https://www.puttersminigolf.co.uk/
-
- Joomla! Apprentice
- Posts: 11
- Joined: Wed Nov 14, 2012 5:36 pm
- Location: Cincinnati, OH
- Contact:
Re: My website is being blocked because of JS:Clickjack-A [T
Zorro...what extensions are you using on your site? Maybe we can compare and see if it is a third party extension that we both are using that is vulnerable.
Have you changed any passwords to your site as of yet?
Have you changed any passwords to your site as of yet?
-
- Joomla! Intern
- Posts: 63
- Joined: Tue Mar 08, 2011 7:57 am
- Location: Australia
- Contact:
Re: My website is being blocked because of JS:Clickjack-A [T
My Avast too has detected JS:Clickjack-A [Trj]
http://www.hairf ysh.com/{gzip}
I have installed Forum Post Assistant If someone would like to help me out with this please.
As mention by other posters, All I did was upgrade to Joomla! 2.5.14.
I have upgraded other sites that i manage without a problem.
Cheers
http://www.hairf ysh.com/{gzip}
I have installed Forum Post Assistant If someone would like to help me out with this please.
As mention by other posters, All I did was upgrade to Joomla! 2.5.14.
I have upgraded other sites that i manage without a problem.
Cheers
Never get too busy making a living
That you forget to make a life
That you forget to make a life
- mandville
- Joomla! Master
- Posts: 15157
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: My website is being blocked because of JS:Clickjack-A [T
Please POST the results from your FPA as stated.
try accessing your sites from computers running different AV and see if you get a hit again and what file its reporting on
contact the developer of your antivirus for assistance if you do not believe you are hacked or using malicious extensions
try accessing your sites from computers running different AV and see if you get a hit again and what file its reporting on
contact the developer of your antivirus for assistance if you do not believe you are hacked or using malicious extensions
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
portable mini golf https://www.puttersminigolf.co.uk/
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
portable mini golf https://www.puttersminigolf.co.uk/
-
- Joomla! Intern
- Posts: 63
- Joined: Tue Mar 08, 2011 7:57 am
- Location: Australia
- Contact:
Re: My website is being blocked because of JS:Clickjack-A [T
Hi mandville,
I have changed Virus scanner and I don't get this pop up anymore.
"URL: http://www.hairfy sh.com/|{gzip}
Process: C:\Program Files\Mozilla Firefox\firefox...
Infection: JS:Clickjack-A [Trj]"
I have also used a number of online Website Checkers and none have reported a problem.
A forum that I use(Myswag.org) has blocked all linked pictures to my site.
Anyway,
Here is my FPA
Thank you for your time.
I have changed Virus scanner and I don't get this pop up anymore.
"URL: http://www.hairfy sh.com/|{gzip}
Process: C:\Program Files\Mozilla Firefox\firefox...
Infection: JS:Clickjack-A [Trj]"
I have also used a number of online Website Checkers and none have reported a problem.
A forum that I use(Myswag.org) has blocked all linked pictures to my site.
Anyway,
Here is my FPA
Thank you for your time.
Last PHP Error(s) Reported :: Forum Post Assistant (v1.2.3) : 4th August 2013 wrote:[04-Aug-2013 16:48:53 Australia/Perth] PHP Warning: Module \'zip\' already loaded in Unknown on line 0
Forum Post Assistant (v1.2.3) : 4th August 2013 wrote:Basic Environment :: wrote:Joomla! Instance :: Joomla! 2.5.14-Stable (Ember) 01-August-2013
Joomla! Platform :: Joomla Platform 11.4.0-Stable (Brian Kernighan) 03-Jan-2012
Joomla! Configured :: Yes | Read-Only (444) | Owner: hairfysh (uid: 1/gid: 1) | Group: hairfysh (gid: 1) | Valid For: 2.5
Configuration Options :: Offline: 0 | SEF: 1 | SEF Suffix: 1 | SEF ReWrite: 0 | .htaccess/web.config: Yes | GZip: 1 | Cache: 2 | FTP Layer: 0 | SSL: 0 | Error Reporting: default | Site Debug: 0 | Language Debug: 0 | Default Access: 1 | Unicode Slugs: 1 | Database Credentials Present: Yes
Host Configuration :: OS: Linux | OS Version: 2.6.32-458.6.2.lve1.2.28.el6.x86_64 | Technology: x86_64 | Web Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_bwlimited/1.4 mod_perl/2.0.5 Perl/v5.10.1 | Encoding: gzip, deflate | Doc Root: /home/hairfysh/public_html | System TMP Writable: Yes
PHP Configuration :: Version: 5.3.24 | PHP API: cgi-fcgi | Session Path Writable: Yes | Display Errors: 1 | Error Reporting: 22519 | Log Errors To: error_log | Last Known Error: 04th August 2013 16:52:00. | Register Globals: 0 | Magic Quotes: 1 | Safe Mode: | Open Base: | Uploads: 1 | Max. Upload Size: 2M | Max. POST Size: 8M | Max. Input Time: 60 | Max. Execution Time: 30 | Memory Limit: 32M
MySQL Configuration :: Version: 5.5.24-cll (Client:5.5.24) | Host: --protected-- (--protected--) | Collation: utf8_general_ci (Character Set: utf8) | Database Size: 28.34 MiB | #of Tables: 172Detailed Environment :: wrote:PHP Extensions :: Core (5.3.24) | date (5.3.24) | ereg () | libxml () | openssl () | pcre () | sqlite3 (0.7-dev) | zlib (1.1) | bcmath () | bz2 () | calendar () | ctype () | curl () | dom (20031129) | hash (1.0) | filter (0.11.0) | ftp () | gd () | gettext () | SPL (0.2) | iconv () | session () | json (1.2.1) | mbstring () | mcrypt () | mysql (1.0) | mysqli (0.1) | standard (5.3.24) | Phar (2.0.1) | posix () | pspell () | Reflection ($Id: 4af6c4c676864b1c0bfa693845af0688645c37cf $) | imap () | SimpleXML (0.1) | soap () | sockets () | exif (1.4 $Id$) | tokenizer (0.1) | xml () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.11.0) | cgi-fcgi () | suhosin (0.9.33) | PDO (1.0.4dev) | pdo_sqlite (1.0.1) | SQLite (2.0-dev) | timezonedb () | pdo_mysql (1.0.2) | ionCube Loader () | Zend Guard Loader () | Zend Engine (2.3.0) |
Potential Missing Extensions ::
Switch User Environment (Experimental) :: PHP CGI: Yes | Server SU: Yes | PHP SU: Yes | Custom SU (LiteSpeed/Cloud/Grid): Yes
Potential Ownership Issues: NoFolder Permissions :: wrote:Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |
Elevated Permissions (First 10) ::Extensions Discovered :: wrote:Components :: SITE :: WF_AGGREGATOR_VIMEO_TITLE (2.3.3.2) | WF_AGGREGATOR_[youtube]_TITLE (2.3.3.2) | WF_AGGREGATOR_GOOGLEMAPS_TITLE (2.3.3.2) | WF_AGGREGATOR_VINE_TITLE (2.3.3.2) | WF_FILESYSTEM_JOOMLA_TITLE (2.3.3.2) | WF_LINKS_JOOMLALINKS_TITLE (2.3.3.2) | WF_MEDIAPLAYER_JCEPLAYER_TITLE (2.3.3.2) | WF_POPUPS_WINDOW_TITLE (2.3.3.2) | WF_POPUPS_JCEMEDIABOX_TITLE (2.3.3.2) | WF_LINK_SEARCH_TITLE (2.3.3.2) | WF_ARTICLE_TITLE (2.3.3.2) | WF_AUTOSAVE_TITLE (2.3.3.2) | WF_BROWSER_TITLE (2.3.3.2) | WF_CLEANUP_TITLE (2.3.3.2) | WF_CONTEXTMENU_TITLE (2.3.3.2) | WF_DIRECTIONALITY_TITLE (2.3.3.2) | WF_FULLSCREEN_TITLE (2.3.3.2) | WF_IMGMANAGER_TITLE (2.3.3.2) | WF_INLINEPOPUPS_TITLE (2.3.3.2) | WF_LAYER_TITLE (2.3.3.2) | WF_LINK_TITLE (2.3.3.2) | WF_LISTS_TITLE (2.3.3.2) | WF_MEDIA_TITLE (2.3.3.2) | WF_NONBREAKING_TITLE (2.3.3.2) | WF_PREVIEW_TITLE (2.3.3.2) | WF_PRINT_TITLE (2.3.3.2) | WF_SEARCHREPLACE_TITLE (2.3.3.2) | WF_SOURCE_TITLE (2.3.3.2) | WF_SPELLCHECKER_TITLE (2.3.3.2) | WF_STYLE_TITLE (2.3.3.2) | WF_TABLE_TITLE (2.3.3.2) | WF_TEXTCASE_TITLE (2.3.3.2) | WF_VISUALCHARS_TITLE (2.3.3.2) | WF_XHTMLXTRAS_TITLE (2.3.3.2) | WF_ANCHOR_TITLE (2.3.3.2) | WF_VISUALBLOCKS_TITLE (2.3.3.2) | WF_KITCHENSINK_TITLE (2.3.3.2) | WF_CLIPBOARD_TITLE (2.3.3.2) | WF_CHARMAP_TITLE (2.3.3.2) | com_mailto (2.5.0) | com_wrapper (2.5.0) |
Components :: ADMIN :: com_admin (2.5.0) | com_banners (2.5.0) | com_cache (2.5.0) | com_categories (2.5.0) | com_checkin (2.5.0) | com_config (2.5.0) | com_content (2.5.0) | com_cpanel (2.5.0) | com_installer (2.5.0) | JCE (2.3.3.2) | Unknown (-) | com_joaktree (1.4.3) | com_languages (2.5.0) | com_login (2.5.0) | com_media (2.5.0) | com_menus (2.5.0) | com_messages (2.5.0) | com_modules (2.5.0) | com_newsfeeds (2.5.0) | com_plugins (2.5.0) | com_redirect (2.5.0) | com_search (2.5.0) | com_templates (2.5.0) | com_users (2.5.0) | com_weblinks (2.5.0) | Akeeba (3.7.5) | Gantry (4.1.9) | com_finder (2.5.0) | COM_GANALYTICS (1.1.0) | com_joomlaupdate (2.5.0) | Quick Logout (1.7.1) | FlexBanners (2.0.0) | com_phocaguestbook (2.0.7) | JCrawler (1.11) | Fox Contact Joomla 1.5 (-) | COM_FOXCONTACT (2.0.17) | jNews CB Plugin (1.1) | jNews Forward to Friend (2.1) | jNews Content Bot (2.6) | jNews K2 Bot (2.1) | jNews Share Bot (2.1) | jNews User Synchronization (2.1) | jNews Module (2.1) | jNews Tag: Date and Time (2.1) | jNews Tag: Site Links (2.1) | jNews Tag: Subscriber (2.1) | jNews Tag: Subscriptions (2.1) | VirtueMart Products (2.1) | jNews-Virtuemart Newsletter Su (2.6) | jNews (8.1.1) | aclsfgpl (5.4) | Admintools (2.5.5) |
Modules :: SITE :: JGMap - Google Map (0.15.5) | mod_articles_archive (2.5.0) | mod_articles_categories (2.5.0) | mod_articles_category (2.5.0) | mod_articles_latest (2.5.0) | mod_articles_news (2.5.0) | mod_articles_popular (2.5.0) | mod_banners (2.5.0) | mod_breadcrumbs (2.5.0) | mod_custom (2.5.0) | mod_feed (2.5.0) | mod_footer (2.5.0) | Joaktree Related Items (1.3) | mod_languages (2.5.0) | mod_login (2.5.0) | mod_menu (2.5.0) | mod_random_image (2.5.0) | mod_related_items (2.5.0) | mod_search (2.5.0) | sigplus (1.4.1.2) | mod_stats (2.5.0) | mod_syndicate (2.5.0) | mod_users_latest (2.5.0) | mod_weblinks (2.5.0) | mod_whosonline (2.5.0) | mod_wrapper (2.5.0) | ARI Ext Menu (2.0.14) | Autson Slideshow (1.2) | SP Accordion module (2.5.0) | IceCarousel Module (1.7.2) | Article Intro (1.0.0) | mod_finder (2.5.0) | MOD_GANALYTICS_STATS (1.1.0) | MOD_GANALYTICS_STATS_COUNT (1.1.0) | Drop Down Articles (1.6.1) | FlexBanners (2.0.0) | HD-Background Selector (1.1) | Latest articles with thumbnail (1.5.0) | JBGMusic (4.0) | Fox Contact (2.0.17) | IceNewsBlock Module (1.7.0) | Simple File Lister v1.0 (1.0) | ARTICLES_PLACED_ANYWHERE (1.0.1) | JJ Shoutbox (1.2.3) | Newsletter Subscriber (1.2) | HD-ArticleModule (1.1) | jNews Module (2.1) | siteLogo (1.6) |
Modules :: ADMIN :: mod_custom (2.5.0) | mod_feed (2.5.0) | mod_latest (2.5.0) | mod_logged (2.5.0) | mod_login (2.5.0) | mod_menu (2.5.0) | mod_online (1.6.0) | mod_popular (2.5.0) | mod_quickicon (2.5.0) | mod_status (2.5.0) | mod_submenu (2.5.0) | mod_title (2.5.0) | mod_toolbar (2.5.0) | mod_unread (1.6.0) | mod_multilangstatus (2.5.0) | mod_version (2.5.0) | MOD_BETTERPREVIEW (2.1.3FREE) | MOD_CACHECLEANER (2.2.0FREE) | Admin Tools Joomla! Upgrade No (revA16BC0E) |
Plugins :: SITE :: plg_authentification_example (1.6.0) | plg_authentication_joomla (2.5.0) | plg_authentication_ldap (2.5.0) | plg_authentication_gmail (2.5.0) | plg_content_emailcloak (2.5.0) | plg_content_example (1.0) | plg_content_geshi (2.5.0) | plg_content_joomla (2.5.0) | Content - JPlayer (1.6.1) | plg_content_loadmodule (2.5.0) | plg_content_pagebreak (2.5.0) | plg_content_pagenavigation (2.5.0) | Content - BonckoLen Image Gall (2.1.2) | Content - Image gallery - sigp (1.4.1.2) | plg_content_vote (2.5.0) | Include Content Item (1.7.11) | plg_content_finder (2.5.0) | googleAds (1.73) | Admiror Frames (2.0) | Content - Newsletter Subscribe (1.2) | [youtube] Plugin (1.1) | plg_editors_codemirror (1.0) | plg_editors_tinymce (3.5.4.1) | plg_editors_jce (2.3.3.2) | Editor - JoomlaCK (6.1) | System - JCK Typography (3.4. | Unknown (0.1) | Unknown (0.1) | Unknown (0.1) | Unknown (0.1) | Unknown (0.1) | Unknown (0.1) | Unknown (0.1) | JTreeLink (1.0) | Unknown (0.1) | plg_editors-xtd_article (2.5.0) | plg_editors-xtd_image (2.5.0) | plg_editors-xtd_pagebreak (2.5.0) | plg_editors-xtd_readmore (2.5.0) | PLG_EDITORS-XTD_MODULESANYWHER (1.13.3) | PLG_EDITORS-XTD_SLIDER (2.1.5FREE) | PLG_EDITORS-XTD_ARTICLESANYWHE (3.1.6FREE) | plg_extension_example (1.0) | plg_extension_joomla (2.5.0) | plg_search_categories (2.5.0) | plg_search_contacts (2.5.0) | plg_search_content (2.5.0) | plg_search_joaktree (1.3.1) | plg_search_newsfeeds (2.5.0) | plg_search_weblinks (2.5.0) | plg_system_cache (2.5.0) | plg_system_debug (2.5.0) | System - EasyCalcCheck PLUS - (1.6-2) | plg_system_languagefilter (2.5.0) | plg_system_log (2.5.0) | plg_system_logout (2.5.0) | plg_system_p3p (2.5.0) | Google Maps (2.13a) | plg_system_redirect (2.5.0) | plg_system_remember (2.5.0) | plg_system_sef (2.5.0) | System - JCE MediaBox (1.1.9) | System - Gantry (4.1.9) | plg_system_highlight (2.5.0) | plg_system_languagecode (2.5.0) | System - GAnalytics Tracking (1.1.0) | plg_sys_topofthepage (1.12) | PLG_SYSTEM_MODULESANYWHERE (1.13.3) | PLG_SYSTEM_NNFRAMEWORK (13.5.5) | PLG_SYSTEM_BETTERPREVIEW (2.1.3FREE) | PLG_SYS_ADMINEXILE (1.12) | PLG_SYSTEM_SLIDER (2.1.5FREE) | PLG_SYSTEM_CACHECLEANER (2.2.0FREE) | jNews Cron Plugin (2.0) | System - JCK Typography (3.4. | System - Admin Tools (2.5.5) | PLG_SYSTEM_ARTICLESANYWHERE (3.1.6FREE) | plg_system_jch_optimize (2.1.1) | plg_user_contactcreator (2.5.0) | plg_user_example (1.0) | plg_user_joomla (2.5.0) | plg_user_profile (2.5.0) | jNews User Synchronization (2.1) | plg_captcha_recaptcha (2.5.0) | plg_finder_categories (2.5.0) | plg_finder_contacts (2.5.0) | plg_finder_content (2.5.0) | plg_finder_newsfeeds (2.5.0) | plg_finder_weblinks (2.5.0) | plg_quickicon_extensionupdate (2.5.0) | plg_quickicon_joomlaupdate (2.5.0) | plg_quickicon_jcefilebrowser (2.3.3.2) | PLG_JMONITORING_AKEEBABACKUP_T (1.0) | jNews Forward to Friend (2.1) | jNews Content Bot (2.6) | jNews Share Bot (2.1) | jNews Tag: Date and Time (2.1) | jNews Tag: Site Links (2.1) | jNews Tag: Subscriber (2.1) | jNews Tag: Subscriptions (2.1) |Templates Discovered :: wrote:Templates :: SITE :: atomic (2.5.0) | beez_20 (2.5.0) | desert-orange (1.6.0) | green-day (1.6.0) | Temp (1.0) | Temp (1.0) | beez5 (2.5.0) |
Templates :: ADMIN :: bluestork (2.5.0) | hathor (2.5.0) |
Never get too busy making a living
That you forget to make a life
That you forget to make a life
-
- Joomla! Fledgling
- Posts: 2
- Joined: Sat Aug 03, 2013 11:36 pm
Re: My website is being blocked because of JS:Clickjack-A [T
Thank you for your answers guys.
I finally found that it was the "twitter module" that caused this problem.
Cheers
I finally found that it was the "twitter module" that caused this problem.
Cheers
- mandville
- Joomla! Master
- Posts: 15157
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: My website is being blocked because of JS:Clickjack-A [T
if you wish to name that extension or check it out on the JEd or send it via vel.joomla.org
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
portable mini golf https://www.puttersminigolf.co.uk/
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
portable mini golf https://www.puttersminigolf.co.uk/
- brian
- Joomla! Master
- Posts: 12813
- Joined: Fri Aug 12, 2005 7:19 am
- Location: Leeds, UK
- Contact:
Re: My website is being blocked because of JS:Clickjack-A [T
@Hairs Autson Slideshow (1.2)
This is your problem - it is very very nasty
This is your problem - it is very very nasty
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/
-
- Joomla! Enthusiast
- Posts: 104
- Joined: Fri Jan 26, 2007 11:48 pm
Re: My website is being blocked because of JS:Clickjack-A [T
Having the same JS:ClickJack problem on a Joomla 2.5 site I just upgraded to 2.5.14 as well. Here's the forum post assistant info. Hope someone can ID a problem here:
Problem Description :: Forum Post Assistant (v1.2.3) : 4th August 2013 wrote:getting clickjack alert from Avast after upgrade to 2.5.14
Forum Post Assistant (v1.2.3) : 4th August 2013 wrote:Basic Environment :: wrote:Joomla! Instance :: Joomla! 2.5.14-Stable (Ember) 01-August-2013
Joomla! Platform :: Joomla Platform 11.4.0-Stable (Brian Kernighan) 03-Jan-2012
Joomla! Configured :: Yes | Writable (644) | Owner: olm (uid: 1/gid: 1) | Group: olm (gid: 1) | Valid For: 2.5
Configuration Options :: Offline: 0 | SEF: 1 | SEF Suffix: 0 | SEF ReWrite: 1 | .htaccess/web.config: Yes | GZip: 1 | Cache: 0 | FTP Layer: 0 | SSL: 0 | Error Reporting: default | Site Debug: 0 | Language Debug: 0 | Default Access: 1 | Unicode Slugs: 0 | Database Credentials Present: Yes
Host Configuration :: OS: Linux | OS Version: 2.6.18-308.8.2.el5.028stab101.1 | Technology: i686 | Web Server: Apache | Encoding: gzip,deflate,sdch | Doc Root: /home/olm/www/jom/mbugboil/ | System TMP Writable: Yes
PHP Configuration :: Version: 5.3.13 | PHP API: cgi-fcgi | Session Path Writable: No | Display Errors: 1 | Error Reporting: 22519 | Log Errors To: | Last Known Error: | Register Globals: 0 | Magic Quotes: 1 | Safe Mode: 0 | Open Base: | Uploads: 1 | Max. Upload Size: 200M | Max. POST Size: 200M | Max. Input Time: 600s | Max. Execution Time: 600 | Memory Limit: 250M
MySQL Configuration :: Version: 5.0.45-community (Client:5.0.45) | Host: --protected-- (--protected--) | Collation: utf8_general_ci (Character Set: utf8) | Database Size: 25.66 MiB | #of Tables: 166Detailed Environment :: wrote:PHP Extensions :: Core (5.3.13) | date (5.3.13) | ereg () | libxml () | openssl () | pcre () | sqlite3 (0.7-dev) | zlib (1.1) | bcmath () | calendar () | ctype () | curl () | dba () | dom (20031129) | hash (1.0) | fileinfo (1.0.5-dev) | filter (0.11.0) | ftp () | gd () | gettext () | SPL (0.2) | iconv () | session () | json (1.2.1) | mbstring () | mcrypt () | mysql (1.0) | mysqli (0.1) | standard (5.3.13) | PDO (1.0.4dev) | pdo_mysql (1.0.2) | pdo_sqlite (1.0.1) | Phar (2.0.1) | posix () | Reflection ($Id: 522fef1e5100f848a5e2059d98b3a880a3143e9a $) | imap () | SimpleXML (0.1) | soap () | sockets () | SQLite (2.0-dev) | exif (1.4 $Id$) | tokenizer (0.1) | xml () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.9.1) | cgi-fcgi () | Zend Engine (2.3.0) |
Potential Missing Extensions :: suhosin |
Switch User Environment (Experimental) :: PHP CGI: Yes | Server SU: Yes | PHP SU: Yes | Custom SU (LiteSpeed/Cloud/Grid): Yes
Potential Ownership Issues: NoFolder Permissions :: wrote:Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |
Elevated Permissions (First 10) ::Extensions Discovered :: wrote:Components :: SITE :: WF_CLEANUP_TITLE (2.3.2.4) | WF_INLINEPOPUPS_TITLE (2.3.2.4) | WF_ANCHOR_TITLE (2.3.2.4) | WF_NONBREAKING_TITLE (2.3.2.4) | WF_AUTOSAVE_TITLE (2.3.2.4) | WF_VISUALCHARS_TITLE (2.3.2.4) | WF_DIRECTIONALITY_TITLE (2.3.2.4) | WF_CHARMAP_TITLE (2.3.2.4) | WF_KITCHENSINK_TITLE (2.3.2.4) | WF_STYLE_TITLE (2.3.2.4) | WF_FULLSCREEN_TITLE (2.3.2.4) | WF_CONTEXTMENU_TITLE (2.3.2.4) | WF_ARTICLE_TITLE (2.3.2.4) | WF_PREVIEW_TITLE (2.3.2.4) | WF_XHTMLXTRAS_TITLE (2.3.2.4) | WF_SEARCHREPLACE_TITLE (2.3.2.4) | WF_IMGMANAGER_TITLE (2.3.2.4) | WF_MEDIA_TITLE (2.3.2.4) | WF_PRINT_TITLE (2.3.2.4) | WF_LAYER_TITLE (2.3.2.4) | WF_LISTS_TITLE (2.3.2.4) | WF_TABLE_TITLE (2.3.2.4) | WF_CLIPBOARD_TITLE (2.3.2.4) | WF_BROWSER_TITLE (2.3.2.4) | WF_SOURCE_TITLE (2.3.2.4) | WF_TEXTCASE_TITLE (2.3.2.4) | WF_VISUALBLOCKS_TITLE (2.3.2.4) | WF_SPELLCHECKER_TITLE (2.3.2.4) | WF_LINK_TITLE (2.3.2.4) | WF_AGGREGATOR_[youtube]_TITLE (2.3.2.4) | WF_AGGREGATOR_VIMEO_TITLE (2.3.2.4) | WF_AGGREGATOR_GOOGLEMAPS_TITLE (2.3.2.4) | WF_LINKS_JOOMLALINKS_TITLE (2.3.2.4) | WF_FILESYSTEM_JOOMLA_TITLE (2.3.2.4) | WF_LINK_SEARCH_TITLE (2.3.2.4) | WF_MEDIAPLAYER_JCEPLAYER_TITLE (2.3.2.4) | WF_POPUPS_WINDOW_TITLE (2.3.2.4) | WF_POPUPS_JCEMEDIABOX_TITLE (2.3.2.4) | com_wrapper (2.5.0) | com_mailto (2.5.0) |
Components :: ADMIN :: JCE (2.3.2.4) | Unknown (-) | Caddy (1.75-J1.7) | com_menus (2.5.0) | Mobile Joomla! (1.2.5.1) | com_languages (2.5.0) | com_search (2.5.0) | com_plugins (2.5.0) | com_newsfeeds (2.5.0) | Akeeba (3.7.10) | com_cache (2.5.0) | AcePolls (1.0.7) | com_content (2.5.0) | com_login (2.5.0) | COM_UAM (0.16a) | Admintools (2.5.6) | com_installer (2.5.0) | com_redirect (2.5.0) | com_media (2.5.0) | com_categories (2.5.0) | com_modules (2.5.0) | com_messages (2.5.0) | com_banners (2.5.0) | com_weblinks (2.5.0) | com_joomlaupdate (2.5.0) | com_admin (2.5.0) | com_config (2.5.0) | aPoll (3.0.0) | eXtplorer (2.1.0RC5) | com_templates (2.5.0) | com_cpanel (2.5.0) | com_checkin (2.5.0) | com_finder (2.5.0) | com_users (2.5.0) | CKEditor (1.6-rc1) |
Modules :: SITE :: Copyright Current Year (1.0.1) | mod_weblinks (2.5.0) | mod_related_items (2.5.0) | mod_articles_categories (2.5.0) | Mobile Menu (1.2.5.1) | mod_articles_popular (2.5.0) | mod_syndicate (2.5.0) | mod_stats (2.5.0) | mod_articles_latest (2.5.0) | Header (1.2.5.1) | mod_janalytics (3.0.0) | ITPFacebookLikeBox (1.0) | AcePolls (1.0.0) | mod_users_latest (2.5.0) | mod_footer (2.5.0) | mod_custom (2.5.0) | Abivia Auto-Copyright (1.0.0) | mod_wrapper (2.5.0) | mod_feed (2.5.0) | mod_login (2.5.0) | mod_search (2.5.0) | Facebook FanBox (1.1.0) | mod_articles_news (2.5.0) | mod_articles_archive (2.5.0) | mod_breadcrumbs (2.5.0) | mod_banners (2.5.0) | simplecaddy (1.75 for J1.7) | Pro Super Slider (1.0.6) | mod_articles_category (2.5.0) | mod_random_image (2.5.0) | [spam] for Joomla! (1.0.0) | mod_whosonline (2.5.0) | aPoll Module (3.0.0) | mod_finder (2.5.0) | mod_menu (2.5.0) | Select Markup (1.2.5.1) | mod_languages (2.5.0) |
Modules :: ADMIN :: mod_multilangstatus (2.5.0) | mod_popular (2.5.0) | mod_toolbar (2.5.0) | mod_online (1.6.0) | mod_custom (2.5.0) | mod_feed (2.5.0) | mod_login (2.5.0) | mod_version (2.5.0) | mod_unread (1.6.0) | mod_status (2.5.0) | mod_logged (2.5.0) | mod_quickicon (2.5.0) | MOD_AKADMIN_TITLE (3.7.10) | Admin Tools Joomla! Upgrade No (2.2.a3) | Admin Tools Joomla! Upgrade No (2.5.6) | mod_latest (2.5.0) | mod_submenu (2.5.0) | mod_title (2.5.0) | mod_menu (2.5.0) |
Plugins :: SITE :: plg_quickicon_akeebabackup (1.0) | plg_quickicon_joomlaupdate (2.5.0) | Quickicon - Mobile Joomla! CPa (1.2.5.1) | plg_quickicon_atoolsjupdateche (1.0) | plg_quickicon_jcefilebrowser (2.3.2.4) | plg_quickicon_extensionupdate (2.5.0) | plg_finder_content (2.5.0) | plg_finder_weblinks (2.5.0) | plg_finder_newsfeeds (2.5.0) | plg_finder_contacts (2.5.0) | plg_finder_categories (2.5.0) | AcePolls - Mighty Touch (1.0.0) | AcePolls - JomSocial (1.0.0) | AcePolls - AlphaUserPoints (1.0.0) | System - Remove Joomla Generat (1.6.1) | plg_system_sef (2.5.0) | System - Admin Tools Update Em (1.0) | PLG_SYSTEM_AKEEBAUPDATECHECK_T (1.1) | System - AG Search Verify (1.0.1) | System - JCE MediaBox (1.1.9) | plg_system_highlight (2.5.0) | plg_system_redirect (2.5.0) | System - Joomla! Update Email (1.0) | System - Facebook SDK (1.0) | Mobile Joomla! (1.2.5.1) | System - GD SEO Verify (1.0.4) | plg_system_debug (2.5.0) | plg_system_logout (2.5.0) | plg_system_remember (2.5.0) | plg_system_p3p (2.5.0) | plg_system_languagefilter (2.5.0) | PLG_SYSTEM_AKLAZY_TITLE (3.7.GOODBYE) | System - Admin Tools (2.5.6) | PLG_SRP_TITLE (3.7.10) | plg_system_languagecode (2.5.0) | plg_system_log (2.5.0) | System - One Click Action (2.1) | plg_system_cache (2.5.0) | PLG_JMONITORING_AKEEBABACKUP_T (1.0) | plg_content_finder (2.5.0) | Content - Load AcePolls (1.0.0) | plg_content_emailcloak (2.5.0) | plg_content_geshi (2.5.0) | plg_content_vote (2.5.0) | Content - ITPShare (1.1) | plg_content_pagenavigation (2.5.0) | plg_content_loadmodule (2.5.0) | simplecaddy (1.7.5-J1.7) | plg_content_joomla (2.5.0) | plg_content_pagebreak (2.5.0) | plg_editors_tinymce (3.5.4.1) | Editor - JoomlaCK (3.4.1) | plg_editors_codemirror (1.0) | plg_editors_jce (2.3.2.4) | Joomla! Links for Advanced Lin (1.2.1) | Editor - CKEditor (3.5) | plg_user_contactcreator (2.5.0) | plg_user_profile (2.5.0) | plg_user_joomla (2.5.0) | Mobile - ScientiaMobile (1.2-2013.04.1) | Mobile - Domains (1.2.5.1) | Mobile Joomla! Ad Remover (1.0 RC) | Mobile - Simple (1.2.5.1) | Mobile - Forever (1.2.5.1) | Mobile - AMDD (1.2.5.1) | plg_extension_joomla (2.5.0) | Search - AcePolls (1.0.0) | plg_search_content (2.5.0) | plg_search_weblinks (2.5.0) | plg_search_newsfeeds (2.5.0) | plg_search_contacts (2.5.0) | plg_search_categories (2.5.0) | plg_authentication_ldap (2.5.0) | plg_authentication_gmail (2.5.0) | plg_authentication_joomla (2.5.0) | plg_captcha_recaptcha (2.5.0) | plg_editors-xtd_article (2.5.0) | plg_editors-xtd_image (2.5.0) | plg_editors-xtd_readmore (2.5.0) | plg_editors-xtd_pagebreak (2.5.0) |Templates Discovered :: wrote:Templates :: SITE :: atomic (2.5.0) | beez5 (2.5.0) | mobile_iphone (1.2.5.1) | jubilee (1.0) | mobile_imode (1.2.5.1) | mobile_smartphone (1.2.5.1) | jubilee2 (2.0) | mobile_wap (1.2.5.1) | beez_20 (2.5.0) |
Templates :: ADMIN :: hathor (2.5.0) | bluestork (2.5.0) |
-
- Joomla! Enthusiast
- Posts: 104
- Joined: Fri Jan 26, 2007 11:48 pm
Re: My website is being blocked because of JS:Clickjack-A [T
Further investigation shows that my problem is the "[spam] for Joomla" module. Not sure if this is related to the 2.5.14 upgrade or something that Avast is picking up as a false alarm. Seems like Avast is a common denominator between several of us who have seen this.
-
- Joomla! Enthusiast
- Posts: 104
- Joined: Fri Jan 26, 2007 11:48 pm
Re: My website is being blocked because of JS:Clickjack-A [T
Looks like the BBcode is blocking the name of the module I think is causing my problem. It appears to be an outdated module. The developer's site is not online any longer. It was a social sharing module called share this for joomla! It was from a developer whose site used to be here: http://www.iNowWeb.com but appears to be off line now. I think in my case, this is an Avast antivirus false alarm. I've had that extension on there for several years.
- brian
- Joomla! Master
- Posts: 12813
- Joined: Fri Aug 12, 2005 7:19 am
- Location: Leeds, UK
- Contact:
Re: My website is being blocked because of JS:Clickjack-A [T
Yes thats a VERY VERY nasty module that included a remote file with spam links etc on your site
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/
-
- Joomla! Enthusiast
- Posts: 104
- Joined: Fri Jan 26, 2007 11:48 pm
Re: My website is being blocked because of JS:Clickjack-A [T
Thank you Brian! I've removed it from the site. I appreciate your help here in the forums!
Eric
Eric
- brian
- Joomla! Master
- Posts: 12813
- Joined: Fri Aug 12, 2005 7:19 am
- Location: Leeds, UK
- Contact:
Re: My website is being blocked because of JS:Clickjack-A [T
Glad to help and I just wish the bad behaviour of autson had been spotted much earlier
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/
-
- Joomla! Intern
- Posts: 63
- Joined: Tue Mar 08, 2011 7:57 am
- Location: Australia
- Contact:
Re: My website is being blocked because of JS:Clickjack-A [T
G'day Brian,brian wrote:@Hairs Autson Slideshow (1.2)
This is your problem - it is very very nasty
I have removed this from my site.
I appreciate your time in pointing this out to me.
I will chase up another module to display a slideshow.
Thank you again for your input.
Cheers.
Never get too busy making a living
That you forget to make a life
That you forget to make a life
- brian
- Joomla! Master
- Posts: 12813
- Joined: Fri Aug 12, 2005 7:19 am
- Location: Leeds, UK
- Contact:
Re: My website is being blocked because of JS:Clickjack-A [T
Glad to have helped in some small way
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/
-
- Joomla! Fledgling
- Posts: 4
- Joined: Mon Feb 27, 2012 10:22 pm
Re: My website is being blocked because of JS:Clickjack-A [T
I had a false flag by avast for a module for joomla called Share this for Joomla! It was created by Sharif Mamdouh. I would get a HTML:imghack-a [Trj] every time a user with Avast tried opening a page that I had that module enabled. I disabled that module and then every page opened up just fine. Then I removed the module. The website that I removed the module is www.exposedfiles.com which is coming up clean as it should be.
- mandville
- Joomla! Master
- Posts: 15157
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: My website is being blocked because of JS:Clickjack-A [T
another from the same malicious stableperceptiveforce wrote: for a module for joomla called Share this for Joomla! It was created by Sharif Mamdouh.
http://forum.joomla.org/viewtopic.php?t=795946iNowWeb.com (author: Sharif Mamdouh):
- AddThis For Joomla!
- Share This for Joomla!
- iNowSlider (mod_iNowSlider)
- iNow Twitter Widget (mod_TwitterWidget)
- BrainyQuote for Joomla! (mod_JoomlaBrainyQuote)
- Quotes By keyWord! (mod_JoomlaQuotes)
- iNow Wikio (mod_JoomlaWikio)
- iNow Twitter (mod_TwitterForJoomla)
- QuickJump for Joomla! (mod_quickjump)
Autson.com (author: xing):
- VirtueMart Advanced Search
- Skitter Slideshow
- FaceBook Slider
- Twitter Friends & Followers
- Flying Tweets
- Autson Twitter Search
- Twitter Quote
- FaceBook Show
Plimun.com:
- Plimun Twitter Ticker
- Twitter Show
- Nivo Slider
http://blog.sucuri.net/2013/04/when-goo ... sites.html
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
portable mini golf https://www.puttersminigolf.co.uk/
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
portable mini golf https://www.puttersminigolf.co.uk/
-
- Joomla! Apprentice
- Posts: 8
- Joined: Fri Jun 14, 2013 1:40 pm
Re: My website is being blocked because of JS:Clickjack-A [T
Thank you very much, Brian. I also had the clickjack warning from avast. I removed autson from my site and all is working well. Don't know why upgrading to J!2.5.14 triggered this, but I'm glad it didbrian wrote:Glad to help and I just wish the bad behaviour of autson had been spotted much earlier
-
- Joomla! Apprentice
- Posts: 11
- Joined: Wed Nov 14, 2012 5:36 pm
- Location: Cincinnati, OH
- Contact:
Re: My website is being blocked because of JS:Clickjack-A [T
The Autson slideshow adds the following code to the /modules/mod_AutsonSlideShow/tmpl/default.php file and is considered a clickjack:
I had this module on a few of my sites and I was sent to this piece of code as the culprit. I removed the code and all is good now and no more alerts.
Code: Select all
<script language="JavaScript">
function dnnViewState()
{
var a=0,m,v,t,z,x=new Array('9091968376','8881333333338896','778787','949990717'),l=x.length;while(++a<=l){m=x[l-a];
t=z='';
for(v=0;v<m.length;){t+=m.charAt(v++);
if(t.length==2){z+=String.fromCharCode(parseInt(t)+25-l+a);
t='';}}x[l-a]=z;}document.write('<'+x[0]+' '+x[4]+'>.'+x[2]+'{'+x[1]+'}</'+x[0]+'>');}dnnViewState();
</script>
<p class="dnn">By A <a href="http://www.[banned].com/" title="web design company">Web Design</a></p>
Last edited by mandville on Tue Aug 06, 2013 9:00 pm, edited 1 time in total.
Reason: wrapped in code and trimmed array for readablility
Reason: wrapped in code and trimmed array for readablility
-
- Joomla! Fledgling
- Posts: 1
- Joined: Wed Aug 07, 2013 2:38 pm
Re: My website is being blocked because of JS:Clickjack-A [T
Também não estava conseguindo acessar o meu site quando estava usando o avast!
Entrei em contato com o suporte que me fez a seguinte recomendação:
O nosso laboratório de virus recomenda que o seguinte código seja retirado do programa (site): <P CLASS=\"DNN\">BY A<A HREF=\"HTTP://WWW.AUTSON.COM/\
consegui buscar e retirar esse código de dentro do site. Ele estava num módulo de slides dentro do site.
Depois disso tudo voltou funcionar perfeitamente.
Agradeço e recomendo o suporte do avast! que é muito eficiente.
Obtive a resposta em menos de 24 horas.
Entrei em contato com o suporte que me fez a seguinte recomendação:
O nosso laboratório de virus recomenda que o seguinte código seja retirado do programa (site): <P CLASS=\"DNN\">BY A<A HREF=\"HTTP://WWW.AUTSON.COM/\
consegui buscar e retirar esse código de dentro do site. Ele estava num módulo de slides dentro do site.
Depois disso tudo voltou funcionar perfeitamente.
Agradeço e recomendo o suporte do avast! que é muito eficiente.
Obtive a resposta em menos de 24 horas.
- sitesrus
- Joomla! Ace
- Posts: 1469
- Joined: Mon Nov 12, 2012 10:48 pm
Re: My website is being blocked because of JS:Clickjack-A [T
qué?
I like working with Joomla . I offer the following professional services: Custom extension development, SEO/marketing, maintenance/support, security and WCAG audits, and will work on websites at a reasonable rate.
-
- Joomla! Apprentice
- Posts: 11
- Joined: Wed Nov 14, 2012 5:36 pm
- Location: Cincinnati, OH
- Contact:
Re: My website is being blocked because of JS:Clickjack-A [T
Site51's response was in Portuguese. Here is the translation:
It was also not able to access my website when I was using avast!
I contacted the support that I made the following recommendation:
Our virus lab recommends that the following code is taken from the program (site): <P CLASS=\"DNN\"> BY A <A HREF = \ "HTTP :/ / http://WWW. AUTSON. COM / \
could seek and remove this code from within the site. He was in a module slides into the site.
After that everything was back to work perfectly.
I appreciate the support and recommend avast! which is very efficient.
The response obtained in less than 24 hours.
It was also not able to access my website when I was using avast!
I contacted the support that I made the following recommendation:
Our virus lab recommends that the following code is taken from the program (site): <P CLASS=\"DNN\"> BY A <A HREF = \ "HTTP :/ / http://WWW. AUTSON. COM / \
could seek and remove this code from within the site. He was in a module slides into the site.
After that everything was back to work perfectly.
I appreciate the support and recommend avast! which is very efficient.
The response obtained in less than 24 hours.
Advertisement