Post hack problems

Discussion regarding Joomla! 1.5 security issues.
Joomla! Vulnerable Extensions: http://feeds.joomla.org/JoomlaSecurityV ... Extensions

Moderator: General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Locked
Zaphod42
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Wed Dec 27, 2017 11:31 pm

Post hack problems

Post by Zaphod42 » Wed Dec 27, 2017 11:42 pm

Hi

I've run a 1.5.26 site for some time. It's a simple website for a small business.

It was hacked & then recovered by my host however there have been a few issues post hack which I've been unable to solve.

1. It's very slow to load. Up to 15 seconds for the home page. My host has checked it & report it's all fine from their end
2. I've run it through a few hack checkers & they report some cloaking.
3. When searching on google it presents weird title & site descriptions "(301 Moved 通販 【年間定番】 Permanently -www.mdaservices.com.au)"
4. I've reindexed via google webmaster tools, new site map etc & it all reports fine.

web address : http://www.mdaservices.com.au

Site owner is not interested in upgrading as it is a simple brochure site.

Help would be appreciated.

cheers

User avatar
AMurray
Joomla! Exemplar
Joomla! Exemplar
Posts: 9636
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: Post hack problems

Post by AMurray » Fri Dec 29, 2017 1:19 am

Help would be appreciated.
My advice is "upgrade the joomla version". Equally importantly backup your site, and don't rely on the host to do so.
Site owner is not interested in upgrading as it is a simple brochure site.
The continued risk then is the site is then still at risk of being hacked.

Also I'm surprised your host lets you run something that old and vulnerable to security attacks.

Are you sure the clean-up has been done 100%, I mean, the previous remnants of the hack may still linger.
Regards - A Murray
General Support Moderator

Zaphod42
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Wed Dec 27, 2017 11:31 pm

Re: Post hack problems

Post by Zaphod42 » Wed Jan 03, 2018 7:53 am

Thanks A Murray.

Like I said my client is not keen for an upgrade as it's a simple site.

Any other suggestions as to how I can identify where the rogue content is coming from?

Cheers.

User avatar
Per Yngve Berg
Joomla! Master
Joomla! Master
Posts: 30814
Joined: Mon Oct 27, 2008 9:27 pm
Location: Romerike, Norway

Re: Post hack problems

Post by Per Yngve Berg » Wed Jan 03, 2018 9:06 am

Mod. Note: Relocated the topic to the Security Forum.

Follow the stickies in this forum on how to recover from a hack.

sozzled
I've been banned!
Posts: 13639
Joined: Sun Jul 05, 2009 3:30 am
Location: Canberra, Australia

Re: Post hack problems

Post by sozzled » Fri Jan 19, 2018 7:45 am

Zaphod42 wrote:Like I said my client is not keen for an upgrade as it's a simple site.
Like we've said, many times before, our advice is to update/upgrade/migrate your old J! 1.5 websites while you're in a position to do so.

You've asked how to identify where some "rogue"/unexplained content is generated on your client's website. The issue arises because the website is operating J! 1.5.28 and it has been operating—unmaintained and uncared for—"for some time". J! 1.5.x websites are notorious for the opportunities they present themselves to cyber ne'er-do-wells; J! 1.5.x websites are notoriously easy to exploit. A team of cyber terrorists could crack into a J! 1.5.x website in little more than 10 minutes with nothing more than a tooth pick.

So, when you say that this website has been running "for some time" using J! 1.5.28, your client is "not interested" in investing their time in properly fixing the problem (because it's only a "simple business"), right at the moment the website has been successfully compromised and your customer's business may well suffer because of the impact these "weird titles & site descriptions" are having. Fortunately for me, that's not my problem! 8)

You want to know the source of the attacks? Look in the server logfile. You want to fix the problem? That's a different question.

webhostuk
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 195
Joined: Thu Aug 27, 2009 3:05 am
Location: UK
Contact:

Re: Post hack problems

Post by webhostuk » Sat Jan 20, 2018 9:19 am

Presently I did not found any 301 redirect with Chinese characters, so it seems to be fixed now. But if you wish to secure the site the best and most important basic step is to upgrade to latest stable version, if you don't do that you are again going to face such issues.
https://www.webhostuk.Co.uk/joomla-hosting.html | Best UK Joomla Hosting!
http://www.webhost.US.Com | Best US Joomla Hosting
One click auto installer for Joomla


Locked

Return to “Security in Joomla! 1.5”