Advertisement

Internal Sabotage by personnel of Hosting Provider

Discussion regarding Joomla! 5.x security issues.

Moderators: mandville, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
Post Reply
sthop
Joomla! Apprentice
Joomla! Apprentice
Posts: 33
Joined: Mon Aug 22, 2022 9:47 am

Internal Sabotage by personnel of Hosting Provider

Post by sthop » Wed Oct 09, 2024 9:27 am

Hello,

I am looking around for a Hosting Provider that can manage my opinion-website built on Joomla version 5 platform.
My experience, especially by the repressive attitude in the Netherlands, is that there is a risk of 'internal sabotage' by hosting personnel (admins) with a different opinion. Do you recognise this? Have you experienced any opposition or strange circumstances?
So, I have become cautious and have some questions:
How can I detect sabotage in Joomla v.5?
How can I prevent sabotage?
Which (international) Hosting Provider can you propose that is politically, religiously and culturally neutral?

Friendly regards,
Sthop
Last edited by sthop on Wed Oct 09, 2024 9:46 am, edited 1 time in total.

Advertisement
User avatar
pe7er
Joomla! Master
Joomla! Master
Posts: 25216
Joined: Thu Aug 18, 2005 8:55 pm
Location: Nijmegen, Netherlands
Contact:

Re: Internal Sabotage by personnel of Hosting Provider

Post by pe7er » Wed Oct 09, 2024 9:39 am

sthop wrote: Wed Oct 09, 2024 9:27 amI am looking around for a Hosting Provider that can manage my opinion-website built on Joomla version 5 platform.
My experience, especially by the repressive attitude in the Netherlands, is that there is a risk of 'internal sabotage' by hosting personnel (admins) with a different opinion. Do you recognise this? Have you experienced any opposition or strange circumstances?
What do you mean with repressive attitude in the Netherlands?
And what kind of 'internal sabotage' do you mean?
I have no such experiences with any hosting and do not recognize that.

If you're concerned about changes to your files, you can set up a monitoring service on a separate computer.
That service can use an SSH connection to periodically check the checksum of all files to detect any modifications.
Kind Regards,
Peter Martin, Global Moderator
Company website: https://db8.nl/en/ - Joomla specialist, Nijmegen, Netherlands
The best website: https://the-best-website.com

User avatar
JAVesey
Joomla! Hero
Joomla! Hero
Posts: 2717
Joined: Tue May 14, 2013 1:21 pm
Location: Cardiff, Wales, UK
Contact:

Re: Internal Sabotage by personnel of Hosting Provider

Post by JAVesey » Wed Oct 09, 2024 6:54 pm

sthop wrote: Wed Oct 09, 2024 9:27 am My experience... is that there is a risk of 'internal sabotage' by hosting personnel (admins) with a different opinion.
Any chance that these “opinions” that you’re posting/hosting are illegal or likely to cause offence in the particular county? That’s just about the only reason I can suggest for any hosting company to intervene with a client’s website.

Maybe I’m reading too much into your question...
John V
Cardiff, Wales, UK
Joomla 5.2.0 "live" site on PHP 8.3.2 and MariaDB 10.11.8 (with b/c plugin enabled)
Joomla 5.2.0 on MAMP Pro 7.1.3 with PHP 8.3.9 and MySQL 8.0.35 (with b/c plugin enabled)

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 44695
Joined: Sat Apr 05, 2008 9:58 pm

Re: Internal Sabotage by personnel of Hosting Provider

Post by Webdongle » Wed Oct 09, 2024 9:05 pm

Perhaps your site has been hacked?
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".

sthop
Joomla! Apprentice
Joomla! Apprentice
Posts: 33
Joined: Mon Aug 22, 2022 9:47 am

Re: Internal Sabotage by personnel of Hosting Provider

Post by sthop » Sat Oct 12, 2024 7:17 am

Hello Pe7er and JAVesey,

My questions are not about the Hosting Provider as an organisation, nor about illegal content from me.
My questions are about any HP-employee with an opposing personal opinion, who wants to undermine my site covertly.
Does Joomla platform have secret access for a hidden admin (for example via database) by an aggrieved employee?
Which (international) Hosting Provider may you propose that is politically, religiously and culturally neutral?

Friendly regards,
Sthop

gws
Joomla! Champion
Joomla! Champion
Posts: 6408
Joined: Tue Aug 23, 2005 1:56 pm
Location: South coast, UK
Contact:

Re: Internal Sabotage by personnel of Hosting Provider

Post by gws » Sat Oct 12, 2024 8:09 am

Theoretically a technician from your hoster with DB access could alter your content. I have never heard of such happening. If you want a secure server with no technician access you need to run your own or use a VPS.

User avatar
AMurray
Joomla! Master
Joomla! Master
Posts: 10273
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: Internal Sabotage by personnel of Hosting Provider

Post by AMurray » Sat Oct 12, 2024 8:37 am

Is this more a "what if this happens" or "why is this currently happening" and how you can prevent it scenario?

Are you saying your current web host has some (suspected, or proven) dodgy employees that are adding unauthorised content to your site or altering the content you have written to a different opinion on your topics/subject matters?

The method for changing a super user password is no secret - it's outlined in the public Joomla documentation.

You still need the MySQL password or hosting control panel login in order to access the database directly e.g. in phpMyAdmin). So unless you're very relaxed with the passwords you use, that should be essentially secure.

I don't know what access a web hosting employee would have - perhaps they would have access to a customer's database (for purposes of support).

For security tools that might help suggest considering mysites.guru and/or Akeeba Admin Tools. Both are excellent at tracking and detecting security issues concerned with authorised access and much more. Joomla's User Actions log might identify suspect activities such as updates to articles you didn't expect.

All the above just suggestions, throwing them in the ring for consideration.
Regards - A Murray
General Support Moderator

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 44695
Joined: Sat Apr 05, 2008 9:58 pm

Re: Internal Sabotage by personnel of Hosting Provider

Post by Webdongle » Sat Oct 12, 2024 10:35 am

With all the websites out there why is your site so special that someone would spend time and risk their job defacing yours?
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".

gws
Joomla! Champion
Joomla! Champion
Posts: 6408
Joined: Tue Aug 23, 2005 1:56 pm
Location: South coast, UK
Contact:

Re: Internal Sabotage by personnel of Hosting Provider

Post by gws » Sat Oct 12, 2024 2:11 pm

I don't know what access a web hosting employee would have - perhaps they would have access to a customer's database (for purposes of support).
They couldn't offer much support if they didn't have access.

sthop
Joomla! Apprentice
Joomla! Apprentice
Posts: 33
Joined: Mon Aug 22, 2022 9:47 am

Re: Internal Sabotage by personnel of Hosting Provider

Post by sthop » Mon Oct 14, 2024 1:28 pm

Hello AMurray and gws,
Thank you for your answers.
Friendly regards,
Shtop

Advertisement

Post Reply

Return to “Security in Joomla! 5.x”