Did Permissions Reset after Upgrade to 3.9

Discussion regarding Joomla! 3.x security issues.

Moderators: Bernard T, mandville, fcoulter, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
Post Reply
aprilgabrielle
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Tue Feb 11, 2014 6:31 am

Did Permissions Reset after Upgrade to 3.9

Post by aprilgabrielle » Mon Mar 30, 2020 6:17 am

Hello..

Earlier this afternoon, I was not able to log into my admin. After logging in non-stop for the past month while developing my site. Via Cpanel I checked database, looked fine, checked config.php verified username and password as correct. So I changed password via Myadminphp. Once I accessed the back end, I was not able to login via the "Coming Soon" page which is only accessible with the correct user ID (Super User which has always been 7.

I went verified that super users and admin access ID remained and they were. The only user permission that was changed under global config was "Public" and access was set and given to every function below Configure Options, you know edit, etc.

Now in the past I had issues with redirects, I believe someone was accessing thru my coming soon login because it was horrible. I had over 200 redirects from what seemed like a service that directed traffic to different websites. But, once I disabled redirects I never had that problem again.

So I can't think of any other way that permissions were changed unless it occurred thru the recent Joomla update. Please advise.. Thank you.

 
User avatar
Per Yngve Berg
Joomla! Master
Joomla! Master
Posts: 26815
Joined: Mon Oct 27, 2008 9:27 pm
Location: Akershus, Norway

Re: Did Permissions Reset after Upgrade to 3.9

Post by Per Yngve Berg » Mon Mar 30, 2020 7:12 am

What version of Joomla did you upgrade from?

Please post the FPA. See the pink frame above.

User avatar
brian
Joomla! Master
Joomla! Master
Posts: 11908
Joined: Fri Aug 12, 2005 7:19 am
Location: Leeds, UK
Contact:

Re: Did Permissions Reset after Upgrade to 3.9

Post by brian » Mon Mar 30, 2020 7:57 am

A Joomla update, installed correctly with the update component, will not have changed any permissions
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/

User avatar
AMurray
Joomla! Champion
Joomla! Champion
Posts: 5653
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: Did Permissions Reset after Upgrade to 3.9

Post by AMurray » Mon Mar 30, 2020 9:42 am

which version in the 3.9.x series - (there's 17 of them....)
Regards,
--------------------------------------------------------------
A Murray
Millennium Falcon - it's the ship that made the Kessel run in less than 12 parsecs! The fastest hunk of junk in the galaxy.

aprilgabrielle
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Tue Feb 11, 2014 6:31 am

Re: Did Permissions Reset after Upgrade to 3.9

Post by aprilgabrielle » Tue Mar 31, 2020 1:46 am

Per Yngve Berg wrote:
Mon Mar 30, 2020 7:12 am
What version of Joomla did you upgrade from?

Please post the FPA. See the pink frame above.
Hello.. First, is there a way to reply without the quote? Um, without going in to check my backups, it would have had to be the one before 3.9.16 because I'm often alerted via my hosting company and I use Softaculous to upgrade and backup..

aprilgabrielle
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Tue Feb 11, 2014 6:31 am

Re: Did Permissions Reset after Upgrade to 3.9

Post by aprilgabrielle » Tue Mar 31, 2020 1:55 am

Gee, so update. I have Joomla 3.9.16. I'm back trying to login once again with the new password and I can't. I tried to login into my other Joomla sites as well and no can do. For starters my sites are under development. two of them I have not touched for about 4 months other than conducting updates.

I am a bit suspicious of a plugin. I noticed last night when I changed the background of one of the pages, I saw a suspicious link. www.hunters.com and it is sitting under a social media link plug in. When I checked to upgrade the plugin, I noticed it came from the Joomla Extension Directory and Joomla apparently suspended it because of "Broken Links"

I'm going to once again go through myphpadmin and change passwords and usernames. Then I'm going to disable the plugin that has been uploaded for at least a year to see if I continue to have the issue. My hosting company is also conducting a malware scan for me.

I'm also going to check to see if permissions were changed once again. Prayerfully NOT..

Note: I'm certain that I remember that same website (above) in my redirect file before I disabled it awhile back.

COMMENTS, ADVICE appreciated.. thanks in advance..

Abril

aprilgabrielle
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Tue Feb 11, 2014 6:31 am

Re: Did Permissions Reset after Upgrade to 3.9

Post by aprilgabrielle » Tue Mar 31, 2020 1:56 am

Whoops forgot to ask. I've researched this.. can I review plugins via myphpadmin? I've tried to look through the database, but can't figure out where to start. Thanks
a

User avatar
toivo
Joomla! Master
Joomla! Master
Posts: 12382
Joined: Thu Feb 15, 2007 5:48 am
Location: Suzhou, China

Re: Did Permissions Reset after Upgrade to 3.9

Post by toivo » Tue Mar 31, 2020 7:04 am

aprilgabrielle wrote:I use Softaculous to upgrade and backup..
Next time you should update using just the standard Joomla update option, Components - Joomla! Update. AFAIK, some members of the forum have had issues with installations through Softaculous.

aprilgabrielle wrote:can I review plugins via myphpadmin? I've tried to look through the database, but can't figure out where to start.
Start from the table called extensions. Run the following SQL query to list all the plugins, but first replace 'epr28r' with your table prefix:

Code: Select all

SELECT * FROM ep28r_extensions
WHERE type = 'plugin'
Toivo Talikka, Global Moderator

aprilgabrielle
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Tue Feb 11, 2014 6:31 am

Re: Did Permissions Reset after Upgrade to 3.9

Post by aprilgabrielle » Tue Mar 31, 2020 9:34 pm

Sorry I posted this in another post by mistake.. if someone shows me how to remove it from the other I will. But here is the other update. THANK YOU...


So again I could not log in my "Coming Soon" page either. I have about 4 other users for admin two for super so I used one of these to access my admin. It's obvious someone has hacked my page unless when my hosting company did a malware scan they messed up some stuff. I don't know. But, when I accessed the admin my coming soon page was disabled.

I went in and changed my super username and password. The permissions were the same as I changed them to yesterday.

I read someone on the forum advised to disable the Authentication-LDAP plugin but it says you need at least one to login. Is the username supposed to be "admin"? I'm wondering if it was changed to this.

My hosting company sent an email stating they will be running maintenance to fix a hardware issue. I asked if the issue could be interfering with my troubles.. they said no.

If all else fails I have my backups and will just restore a backup and then reinstall the Joomla 3.9.16 update.

Oh boy its not fun spending insurmountable time fixing login issues, possible hacks, again the site is not published yet.

User avatar
toivo
Joomla! Master
Joomla! Master
Posts: 12382
Joined: Thu Feb 15, 2007 5:48 am
Location: Suzhou, China

Re: Did Permissions Reset after Upgrade to 3.9

Post by toivo » Wed Apr 01, 2020 12:07 am

This topic was moved to the 3.x Security forum, which has a sticky topic Recovering from a hack, worth reading.

You could also use the opportunity to get your Joomla site audited by the reputable mysites.guru service, where the first software audit is free (no affiliation).
Toivo Talikka, Global Moderator

aprilgabrielle
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Tue Feb 11, 2014 6:31 am

Re: Did Permissions Reset after Upgrade to 3.9

Post by aprilgabrielle » Wed Apr 01, 2020 5:07 am

toivo wrote:
Wed Apr 01, 2020 12:07 am
This topic was moved to the 3.x Security forum, which has a sticky topic Recovering from a hack, worth reading.

You could also use the opportunity to get your Joomla site audited by the reputable mysites.guru service, where the first software audit is free (no affiliation).
thank you because I tried another software that scanned my site .. found malware.. I will check the recommended forum.

 

Post Reply

Return to “Security in Joomla! 3.x”