Discovering vulnerability, site keeps on getting hacked

Discussion regarding Joomla! 3.x security issues.

Moderators: mandville, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
Post Reply
bcnx
Joomla! Apprentice
Joomla! Apprentice
Posts: 36
Joined: Sun Oct 15, 2006 12:44 pm

Discovering vulnerability, site keeps on getting hacked

Post by bcnx » Fri Aug 12, 2022 1:49 pm

Hi,

I have a site that keeps on getting hacked. I wonder if there is a way to discover how. The site works again when I restore the site's files, so it's nothing in the database.

Things I did to prevent:
- upgrade all components and Joomla (to Joomla 3.x, Joomla 4 is not possible because of template framework)
- configure permissions with Admin Tools
- installed WAF (Admin Tools Pro)
- Changed passwords
- Scanned for infected files

Cheers,

BC

gws
Joomla! Virtuoso
Joomla! Virtuoso
Posts: 4799
Joined: Tue Aug 23, 2005 1:56 pm
Location: South coast, UK
Contact:

Re: Discovering vulnerability, site keeps on getting hacked

Post by gws » Fri Aug 12, 2022 2:53 pm

Go to mysites.guru ,the first audit is free.

bcnx
Joomla! Apprentice
Joomla! Apprentice
Posts: 36
Joined: Sun Oct 15, 2006 12:44 pm

Re: Discovering vulnerability, site keeps on getting hacked

Post by bcnx » Fri Aug 12, 2022 3:46 pm

Not an option, I seem to have used that service before, some years ago,

BC

User avatar
leolam
Joomla! Master
Joomla! Master
Posts: 20518
Joined: Mon Aug 29, 2005 10:17 am
Location: Netherlands/ Germany/ S'pore/Bogor/ North America
Contact:

Re: Discovering vulnerability, site keeps on getting hacked

Post by leolam » Fri Aug 12, 2022 4:15 pm

bcnx wrote:
Fri Aug 12, 2022 3:46 pm
Not an option, I seem to have used that service before, some years ago,

BC
That is not a good reply.... Phil is the best in his field and you should use his service because it could be a server issue as well and hidden code which IS discovered by mysites.guru. Dont be a fool

Leo 8)
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -

User avatar
PhilTaylor-Prazgod
Joomla! Ace
Joomla! Ace
Posts: 1302
Joined: Sat Aug 20, 2005 12:32 pm
Location: Jersey, Channel Islands
Contact:

Re: Discovering vulnerability, site keeps on getting hacked

Post by PhilTaylor-Prazgod » Fri Aug 12, 2022 4:18 pm

Not an option, I seem to have used that service before, some years ago,
What he means is, he used his free trial and doesn't want to pay.

There are other services available charing 199.99-499.99 per year for a SINGLE site if you would prefer:

https://sucuri.net/website-security-platform/signup/
Phil Taylor
Founder, Lead Developer, Idiot.
- https://mySites.guru - Manage Multiple Joomla/WordPress Sites In One Dashboard for Security, Audits, Backups and more....
- https://www.phil-taylor.com/

User avatar
leolam
Joomla! Master
Joomla! Master
Posts: 20518
Joined: Mon Aug 29, 2005 10:17 am
Location: Netherlands/ Germany/ S'pore/Bogor/ North America
Contact:

Re: Discovering vulnerability, site keeps on getting hacked

Post by leolam » Fri Aug 12, 2022 4:19 pm

Sure , a free ride to eternal happiness (just did not wanted to be too direct)

Leo 8)
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -

bcnx
Joomla! Apprentice
Joomla! Apprentice
Posts: 36
Joined: Sun Oct 15, 2006 12:44 pm

Re: Discovering vulnerability, site keeps on getting hacked

Post by bcnx » Fri Aug 12, 2022 4:22 pm

Well, someone offered a free scan and simply replied that is not possible. I did not state anything about not wanting to pay anything, that's on you.

BC

User avatar
PhilTaylor-Prazgod
Joomla! Ace
Joomla! Ace
Posts: 1302
Joined: Sat Aug 20, 2005 12:32 pm
Location: Jersey, Channel Islands
Contact:

Re: Discovering vulnerability, site keeps on getting hacked

Post by PhilTaylor-Prazgod » Fri Aug 12, 2022 4:24 pm

bcnx wrote:
Fri Aug 12, 2022 4:22 pm
Well, someone offered a free scan and simply replied that is not possible. I did not state anything about not wanting to pay anything, that's on you.

BC
LMAO you did not pay anything last time also... but hey up to you. Im not allowed to talk openly about any service I run due to forum rules, so you are at an advantage.

There are other services available, but literally, this is what I do for a living for the last 2 decades.
Phil Taylor
Founder, Lead Developer, Idiot.
- https://mySites.guru - Manage Multiple Joomla/WordPress Sites In One Dashboard for Security, Audits, Backups and more....
- https://www.phil-taylor.com/

bcnx
Joomla! Apprentice
Joomla! Apprentice
Posts: 36
Joined: Sun Oct 15, 2006 12:44 pm

Re: Discovering vulnerability, site keeps on getting hacked

Post by bcnx » Fri Aug 12, 2022 4:29 pm

Yeah, of course, last time was free, why would I pay then?

User avatar
PhilTaylor-Prazgod
Joomla! Ace
Joomla! Ace
Posts: 1302
Joined: Sat Aug 20, 2005 12:32 pm
Location: Jersey, Channel Islands
Contact:

Re: Discovering vulnerability, site keeps on getting hacked

Post by PhilTaylor-Prazgod » Fri Aug 12, 2022 4:31 pm

why would I pay then?
mySites.guru is a subscription service with a limited free trial. It is not a free service.
Phil Taylor
Founder, Lead Developer, Idiot.
- https://mySites.guru - Manage Multiple Joomla/WordPress Sites In One Dashboard for Security, Audits, Backups and more....
- https://www.phil-taylor.com/

bcnx
Joomla! Apprentice
Joomla! Apprentice
Posts: 36
Joined: Sun Oct 15, 2006 12:44 pm

Re: Discovering vulnerability, site keeps on getting hacked

Post by bcnx » Fri Aug 12, 2022 4:39 pm

What is so hard about this? I'm aware the first scan is free and the rest is paid. No argument there.

User avatar
Gasoline
Joomla! Explorer
Joomla! Explorer
Posts: 432
Joined: Tue Aug 23, 2005 10:33 am
Location: NL

Re: Discovering vulnerability, site keeps on getting hacked

Post by Gasoline » Tue Aug 16, 2022 5:53 pm

bcnx wrote:
Fri Aug 12, 2022 4:39 pm
What is so hard about this? I'm aware the first scan is free and the rest is paid. No argument there.
Just take a one month sub. And you'r problems are solved. I use his serves for almost 8 years now. And will as long as I have Joomla sites. You won't find anything else this good and complete.
Using Joomla since 2005.

bcnx
Joomla! Apprentice
Joomla! Apprentice
Posts: 36
Joined: Sun Oct 15, 2006 12:44 pm

Re: Discovering vulnerability, site keeps on getting hacked

Post by bcnx » Wed Aug 17, 2022 12:26 pm

Gasoline wrote:
Tue Aug 16, 2022 5:53 pm
bcnx wrote:
Fri Aug 12, 2022 4:39 pm
What is so hard about this? I'm aware the first scan is free and the rest is paid. No argument there.
Just take a one month sub. And you'r problems are solved. I use his serves for almost 8 years now. And will as long as I have Joomla sites. You won't find anything else this good and complete.
Cheers Gasoline,

will do,

BC

bcnx
Joomla! Apprentice
Joomla! Apprentice
Posts: 36
Joined: Sun Oct 15, 2006 12:44 pm

Re: Discovering vulnerability, site keeps on getting hacked

Post by bcnx » Wed Aug 17, 2022 12:56 pm

Interesting, adding a site does not work, nor automatically, nor manually.

BC

User avatar
PhilTaylor-Prazgod
Joomla! Ace
Joomla! Ace
Posts: 1302
Joined: Sat Aug 20, 2005 12:32 pm
Location: Jersey, Channel Islands
Contact:

Re: Discovering vulnerability, site keeps on getting hacked

Post by PhilTaylor-Prazgod » Fri Aug 19, 2022 8:24 pm

> Interesting, adding a site does not work, nor automatically, nor manually.

There is literally a contact link on every single page of the mySites.guru service. You used it, you got support instantly. You dont mention any of that.

We could not connect to your site because your SSL was incorrectly installed, and did not have the full bundle chain of certificates installed - something that remains the case right now. Teaching people how to correctly install SSL Certificates is beyond the role of the service, but we will attempt to make SECURE connections by default. We enabled a workaround to insecurely connect to your domain.

You received a reply to your support request in 4 mins after it arrived.

For the record, and for balance, you did manage to get connected, and your site was hacked, and the service did reveal LOTS of ancient backdoors and hacked files.

Adding a site did work, and I see you have already started removing the hack. If you are going to tell people that my service "does not work" at least offer the full facts.
Phil Taylor
Founder, Lead Developer, Idiot.
- https://mySites.guru - Manage Multiple Joomla/WordPress Sites In One Dashboard for Security, Audits, Backups and more....
- https://www.phil-taylor.com/


Post Reply

Return to “Security in Joomla! 3.x”