For some reason the Kosova hackers group keep targetting just one of my joomla sites. Could it be to do with the number of hits the site gets? Its always had up to date security and is exactly the same as all my other sites. I have approx 15-20 sites hosted with joomla but these gits keep hacking just one site. I change the template and delete the one they have hacked and its fine for a few days then they do it again. They even have the cheek to advertise that they do website design too. And they dont even have a website for anyone to get their own back and hack them! Anyone else been subject to KHG? Here is a new extract about what else theve done... A group of hackers from Kosovo defaced 15 Serbian websites on Tuesday night, including those of high profile firms, government departments and museums. The hackers, known as Kosova Hackers Group, posted the same, Albanian double-headed eagle and message on each website. The targets included the Serbian Ministry of Defence. Many of the websites remain inaccessible, although the hackers’ message has disappeared. Their message reads: “Hello Serbs, now wonder why you see it on this particular page?? We do it because we can and we will continue to do so. “Now the fact is that we are p*ssed off at both you and EULEX [for] sign[ing] agreements which do not concern you." “Our final word is that we honor all families who lost someone in the war against you. We want justice and we want our missing people back.†The group also hacked into the website of EULEX, the European rule of law mission in Kosovo, last month in protest against plans to sign a policing protocol with Serbia’s interior ministry.
YOu could try and make sure you have the latest security updates if that doesnt work and they keep hacking just one joomla site its worth using a different cms for the time being hence they might not be able to hack it the same. We recently developed a site for a client that changed the cms they where using altogether and it did the trick. Its not ideal but it worked for them.
Cheers, yes were looking into that. We have a massive phpbb3 forum on the site too but they never seem to touch that. Apparently they prey on joomla sites as they are easy to hack but like I said, I have 15-20 of them but this is the only one they hit. It must be to do with its google rankings. We are going to try the phpbb3 portal mod which has everything in one. Hopefully that will stop them.
Have you done anything to block IP's outside of your area. I don't do much Joomla anymore but I still block any country that is not relevant to my marketing campaigns. http://www.countryipblocks.net/ is a good place to start.