Site hacked with JHackguard installed
My site was recently hacked and I had to rebuild the site. I've had it scanned and the directory is clean... I installed JHackguard and it looks like the plugin worked to a degree. I was getting an error telling me the configuration file needed to be fixed due a mis-configuration.
I looked in the log file and it had the Eval 64 code; but, it stated for it to die - hence the configuration error when the site was brought up. Right?
I am about to block the IP's from the SQL Intrusion; but, any other ideas what we can do to fend off these attacks...
Please advise and see the attachment.
I just went in the htaccess file and added these 2 IP's to block them--- I know this is a temp solution; but, anyone have any better ideas...
This is what I added to the htaccess and is this entered in their correctly?
deny from 126.96.36.199
deny from 188.8.131.52
I don't think that blocking few IP addresses will solve the issue. It is quite easy to get a new address in case you want to attack a site. What you need to do is make sure that your Joomla version is updated to the latest stable version of its branch and that you're not using any extensions with known vulnerabilities.
In addition, jHackGuard may have blocked one attack but they could have used a completely different method that exploits a core Joomla vulnerability to gain access to your site. Note that after such issue, you should change all your logins for your site in order to prevent further access to it.
Siteground, I think your servers are infected, cuz there are just too many hacked sites right now.
going to try deleting everything and starting over, maybe with a new different CMS.
When using an open source application the risk of being hacked is always there - there are people who constantly search for breaches and try to exploit them. Even if you chose to go for another application, the risk remains. So I think there is no need to drop Joomla and go for another CMS application.
I can assure you that our servers are safe and secure and there is no breach. We do more than any hosting company to protect our customers from such issues, once on a server level and by providing additional plugins like jHackGuard. Bear in mind that jHackGuard prevents hacking attempts and cannot do much for already compromised Joomla applications.
On server level, thanks to the technology we use, one compromised account could not affect other accounts on the same server.
If you are our customer, our support team could help you to identify your problem and help you with the cleaning of your site. You can contact them via our Help Desk system.
Once you are sure there are no leftovers from the hacking event, you should update all your plugins and the Joomla application itself to their latest versions. This is the best way to protect your site from such issues. In combination with jHackGuard your Joomla site will be safe enough
By Shadow_Guyver in forum Other Software and Applications
Last Post: 04-21-2008, 05:04 AM
By twiggystardust in forum Forum Applications
Last Post: 10-17-2007, 03:26 AM
By HUKO in forum General Joomla Discussions
Last Post: 04-17-2006, 10:30 AM
Copyright © 2012 SiteGround.com Inc