Hi. Hope this is posted in the right forum. I have a Joomla site that was hacked today, no big deal, only the index page was changed. Its just those turkish hacker pigs again. Well, to the case. I am not administrating the site, I do not know Joomla so my question is: is Joomla unsafe or is it more likely that the server has security issues?
Have you uploaded to the latest joomla version? is your configuration.php set to 655 or a secure file attribute. After installing any components and modules, set the directories concerned to 655 or a secure file attribute. as far as i know these are the only files that can be affected, no open source script or cms is safe these days so it is advisable to secure your server if you've been hacked. everyday new exploits are found and it is best to upgrade it to the latest version.
It should be 644 for all the files and 755 for all the directories with only cache set to 777. Use this code to do it by ssh. find -type f -exec chmod 644 {} \; find -type d -exec chmod 755 {} \;
Joomla is safe as long as you update it regularly and have the latest version installed. I think this stuff happend to all CMS, forums etc... once they get really popular they become more interesting to hackers.
Same happened to me some months ago too. The cause seems to be generally the extensions. Somehow they had manage to overwrite index.php using a bug in a forum extension.
Agree, extensions are mostly causing the troubles, if developed improperly. That is why one should research before installing a component on his joomla powered website. The core protects a standard website, while custom extensions may leave doors open for the attackers. Careful what you're installing.
if your configuration.php file is open for writing is a seconds job to make the joomla site hacked but keep in mind any php or asp developed site is open to that thread. You have to secure yourself with the right user permissions. And none of Turkish are hackers all they are Lamers. ( am Turkish by the way) Generally 14-18 years old school boys doing google searches are doing that kind of things i reccomend you to report them as the Turkish Laws are strict on the concept.
Ha ha ha .. Yes I totally agree with that age group. When I was about 16 I used to write viruses and Trojan horses to demonstrate how good coder I was ... as dumb as it gets I got caught by the Interpol but got out with a warning. I was lucky because they didn't have evidence since I recently reinstalled my computer because I was testing "brute force hdd encrypter" and lost all my data" ha ha ha ha ... Since then I'm working as computer security guy ha ha ha .. as always! Cheers, Venetsian. P.S. Not all CMS software in hackable. Depends on how much time the development company is willing to invest in "security audits". As some might know I'm currently in the development team of the "SEO Website CMS" and for now its pretty secure from "user's point of view". It still have the php global register "on" but I'll make it off in some future version since that's the most popular security fault in most CMS systems.
joomla is the most stable cms . i think you must focus on your host . i have some joomla sites in turkish like you and they have never hacked . why ? i have a good host
hello, my joomla website was hacked, too. (turkish group) They used a security leak in JoomlaBoard. http://forum.joomla.org/index.php/topic,50772.0.html Hope this helps.
"By default the Joomla! code base is considered to be safe, but without a safe hosting environment even the most secure release of Joomla! will be compromised."