Attack on Contact Form

Discussion regarding Joomla! 3.x security issues.

Moderators: Bernard T, mandville, fcoulter, PhilD, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
User avatar
mtech0101
Joomla! Apprentice
Joomla! Apprentice
Posts: 7
Joined: Thu Oct 16, 2008 12:34 pm
Location: New England... USA
Contact:

Attack on Contact Form

Postby mtech0101 » Mon Feb 05, 2018 11:08 pm

I, too, am experiencing the same type of attack. My hosting company disabled access so I cannot run the FPA utility. I am awaiting their response to re-enable my site.

I did have a Contact Form which I was able to disable prior to the site being shut down. As soon as I have access I plan to disable the Plugin. Then I will use the FPA and seek suggestions here on this forum. UGH....

I always update the Joomla version as soon as it is available. There must be other security issues that I am unaware of.
Last edited by imanickam on Thu Feb 08, 2018 3:44 am, edited 1 time in total.
Reason: Split from the topic https://forum.joomla.org/viewtopic.php?f=714&t=958597. In the future, for your issues, please create a separate topic. Even though the symptoms my be the same, the root cause could be different.

User avatar
sozzled
Joomla! Champion
Joomla! Champion
Posts: 5016
Joined: Sun Jul 05, 2009 3:30 am
Location: Canberra, Australia
Contact:

Re: DDOS Attack on Contact Module

Postby sozzled » Mon Feb 05, 2018 11:38 pm

@mtech0101: I'm sorry to hear that, as a consequence of using a contact form on your website, your site has been subjected to unrelenting attacks that have resulted in your webhosting provider taking the action that they've taken.

As I've written before, contact forms can be a source of these kinds of attacks. Whether or not these features may be exploited, they often result in spam emails being sent—emails that often have nothing to do with your business or that are intended to advertise products and services that people are not interested in using. For these latter reasons—the use of contact forms for spamming people—I don't use these features myself.

There's not a lot more that I can say except that sometimes they're used properly (i.e. in connection with services provided by a website) and sometimes they're not (e.g. spamming, DoS attacks, etc.). Each person needs to decide for themselves how, when and where they use contact forms. To be on the safe side, if you think these things can hurt your business then don't use them.

I hope you get your site back in order again soon and that you take whatever action(s) you think are necessary to protect yourself. Good luck. Cheers 8)
https://www.kuneze.com/blog
Former member of Kunena project team
If you think I’m wrong then say “I think you're wrong.” If you say “You’re wrong!”, how do you know?

User avatar
mtech0101
Joomla! Apprentice
Joomla! Apprentice
Posts: 7
Joined: Thu Oct 16, 2008 12:34 pm
Location: New England... USA
Contact:

Re: DDOS Attack on Contact Module

Postby mtech0101 » Tue Feb 06, 2018 11:11 pm

I try running the FPA but when I finally am able to load it and run it then hit the "generate report" button the page will not load with message: "This account has reached its limit of concurrent processes." I did screen shots of the report but that will not help me with submitting the logs. What should I try next? My customers (a town's official website) are very upset. Note: I was able to login to the backend and turn off the Mail Sending options, what was happening was the admin email address was getting hammered with spam. I did not have a Contact Form active either. The site had over 35,000 "visitors" when I last check prior to the most recent "crash".


Return to “Security in Joomla! 3.x”

Who is online

Users browsing this forum: Google Feedfetcher and 9 guests