Joomla based site hacked by Turkish hacker

This is my latest site http://www.propertyhogs.com/ and it's just been hacked. Do you believe that Jommla has some serious security issues?

 

No, but I'm doing it now. So you think that he got access thru Joomla, right?

 

it's probably the case you left a file with the wrong permissions.

it could happen to ANY cms out there.

 

My server guy just told me it was the latest and most secure version of Joomla. This is really changing my mind about Joomla. Has anyone else you know with a Joomla based site been hacked?

 

Yes , I had a joomla site hacked by someone saying they were Turks,

It was my fault as I had the wrong permissions on a file. The permissions issue is now fixed.

 

I hope so, I'm glad he didn't get to any important parts of the site. For now I have added the old homepage.

 

Same thing happened to my Joomla based site, www.bading.com. Few days ago, I was hacked with this Turkish Hacker, At first, he modified the Index.php of the Joomla based, not the template index.php, then after I fixed it, he went back again and modified the configuration.php. I sent email to Godaddy (my Hosting Server), and they found out that the vulnerable files from my site are came from one of the Joomla Module and not from the Joomla Installed. This Module is the Expose Module (Normally use for Gallery) that you can download for free. After I uninstalled the Module, everything was fixed including the spams on my other modules.

I suggest, please be careful downloading these free modules, there are so many holes on it and some of it was created by the hackers as well.

 

Has Joomla ever commented on these issues?

 

Warning: Installing 3rd party extensions may compromise your server's security. Upgrading your Joomla! installation will not update your 3rd party extensions.
For more information on keeping your site secure, please see the Joomla! Security Forum.

That's the only warning.

 

my site was also hacked by Turkish last month... may be the same person are doing it.

 

A friends JOomla site got hacked same group. The basic install of joomla is filled with holes.

If you aren't willing to figure it all out / technically capable hire someone or forget it .

A friend of mine does it and it takes a while lots of patches and what not.

 

i dont think joomla sites has big security holes.

in my experience , hosting servers are having holes which is being a reason for hacking

 

Hi Mike,

I had one site hacked and another about to be hacked by the Turk - here's the lowdown.

The access point was through the cache directory which I stupidly left on 777 (full read/write). It should be 755. Check this dir for files called good.php or ozey.php. If you find either, delete the files and set the dir permission level to 755.

Next step is to chmod all dirs to 755. This will stop you from installing mods/components/templates so if you need to do any installs, temp mod back to 777, do the installs, then mod back to 777 afterwards.

 

I know this is a bump, but today my site was hacked as well grrr, index.php file was replaced, I had lots of lots of bad permissions direct 777, now I have set permissions to what they should be dirs 655 and files 644.
Hopefully his will not happen again.

 

You'll find that if you install via Fantastico, it leaves lots of dirs open.

Another tip is to install sh404SEF - that way, it makes Joomla sites less easy to find.

 

for security the core of joomla is fine, it's when people use extensions that the problems arise.

 

what does sh404SE does? there is already 404 page available in joomla? to handle such errors?