On 23/08/2012 3:32 AM, Dr Beco wrote:
One of my sites, that has joomla (and not wordpress) also got hacked (again).
Is your Joomla along with all components/skins etc. up to date? Many of
the hacked sites I look at are not up to date.
" the sysadmin told me that there was a php script entitled
"jos_jpxn.php" running that was rewriting my .htaccess" (lickface)
I quite often see Joomla sites that get hacked have a few PHP shells
dropped around the place that the attacker then uses to do other things
(reset passwords/change htaccess files/phising sites etc.).
Also, if it is shared web hosting are your permissions all set
correctly? Do you know how PHP is configured on the server? If the
permissions are wrong say on the configuration file and another site on
the same server gets hacked, they may be able to read your configuration
file, get the database details and reset/recover the admin password.
Personally I wouldn't trust a Joomla/Wordpress/whatever install once the
site has been comprimised like this - who knows what else has been
changed. It may be best to reupload the site/database from a backup if
you have one.
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: http://lists.debian.org/[email protected]
