Web Hosting
Results 1 to 5 of 5
  1. #1
    Join Date
    Dec 2012
    Posts
    2

    Default Site hacked with JHackguard installed

    My site was recently hacked and I had to rebuild the site. I've had it scanned and the directory is clean... I installed JHackguard and it looks like the plugin worked to a degree. I was getting an error telling me the configuration file needed to be fixed due a mis-configuration.

    I looked in the log file and it had the Eval 64 code; but, it stated for it to die - hence the configuration error when the site was brought up. Right?

    I am about to block the IP's from the SQL Intrusion; but, any other ideas what we can do to fend off these attacks...

    www.lagrange-ga.org

    Please advise and see the attachment.
    Trey
    Attached Files Attached Files

  2. #2
    Join Date
    Dec 2012
    Posts
    2

    Default

    I just went in the htaccess file and added these 2 IP's to block them--- I know this is a temp solution; but, anyone have any better ideas...

    This is what I added to the htaccess and is this entered in their correctly?

    deny from 178.137.165.136
    deny from 188.143.232.176

    Thanks
    Trey
    Attached Files Attached Files

  3. #3
    Join Date
    Apr 2008
    Location
    At home
    Posts
    917

    Default

    Hi,

    I don't think that blocking few IP addresses will solve the issue. It is quite easy to get a new address in case you want to attack a site. What you need to do is make sure that your Joomla version is updated to the latest stable version of its branch and that you're not using any extensions with known vulnerabilities.

    In addition, jHackGuard may have blocked one attack but they could have used a completely different method that exploits a core Joomla vulnerability to gain access to your site. Note that after such issue, you should change all your logins for your site in order to prevent further access to it.

  4. #4
    Join Date
    Feb 2013
    Posts
    3

    Default

    Siteground, I think your servers are infected, cuz there are just too many hacked sites right now.
    going to try deleting everything and starting over, maybe with a new different CMS.

  5. #5
    Join Date
    Apr 2008
    Location
    At home
    Posts
    917

    Default

    When using an open source application the risk of being hacked is always there - there are people who constantly search for breaches and try to exploit them. Even if you chose to go for another application, the risk remains. So I think there is no need to drop Joomla and go for another CMS application.

    I can assure you that our servers are safe and secure and there is no breach. We do more than any hosting company to protect our customers from such issues, once on a server level and by providing additional plugins like jHackGuard. Bear in mind that jHackGuard prevents hacking attempts and cannot do much for already compromised Joomla applications.

    On server level, thanks to the technology we use, one compromised account could not affect other accounts on the same server.

    If you are our customer, our support team could help you to identify your problem and help you with the cleaning of your site. You can contact them via our Help Desk system.

    Once you are sure there are no leftovers from the hacking event, you should update all your plugins and the Joomla application itself to their latest versions. This is the best way to protect your site from such issues. In combination with jHackGuard your Joomla site will be safe enough

Similar Threads

  1. My site got hacked!
    By Shadow_Guyver in forum Other Software and Applications
    Replies: 1
    Last Post: 04-21-2008, 04:04 AM
  2. Site hacked?
    By twiggystardust in forum Forum Applications
    Replies: 1
    Last Post: 10-17-2007, 02:26 AM
  3. Hacked Site
    By HUKO in forum General Joomla Discussions
    Replies: 3
    Last Post: 04-17-2006, 09:30 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •