Joomla is a free and open source content management system (CMS) for publishing content on the World Wide Web.
Questions tagged [joomla]
23 questions
9
votes
5 answers
How can a PHP file be added over and over to my hacked site?
I'm on a shared hosting plan (I know, I know) on GoDaddy and all the files in it have been hacked. There are multiple sites in the plan, each of them has a folder. The folders and sub-folders of each site are full of hacked files, and so are the…
Victoria Ruiz
- 191
- 1
- 3
4
votes
2 answers
How to secure store sessions values in webapps?
EDIT: I changed the title of this post from "How to manage sessions in webapps?" to "How to secure store sessions values in webapps?" as it might have been misleading
In the recent months I happened to encounter interesting scenarios that made me…
Federico
- 183
- 2
- 9
3
votes
3 answers
Will PHP malware from my hacked website be able to infect my computer locally if downloaded?
I have site that is hacked and flagged by Google for having malware:
Some pages on this website send visitors to the following dangerous websites: freshmodel.pw.
I made a backup of everything before I started, added a new clean website, and remove…
9ete
- 131
- 3
2
votes
2 answers
Log shows many hits to non existing content - hacking?
I have a website with Joomla and 404shSEF installed. The component logs all 404 requests and the log is really interesting. The site is getting requests on components and also a file called this: "7c334.php". Here an…
Owl
- 123
- 2
2
votes
2 answers
Hack: anymonous URL on my Joomla Website[Resolve]
My website has been hacked again. There are many foreign URLs such as here.
I've checked the database and there is nothing strange in my database. Does anyone know what kind of hack attack is like this?
Then I have to execute all files with exit ();…
Evelyn Raditya
- 31
- 4
2
votes
0 answers
SQLMap Strange Dump Result
Using SQLMap in this way:
sqlmap -u "xxxxx" --dbms=MySql --dbs --user-agent="Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0" -D xxxxx -T "#__xxxxx" --columns
I am obtaining this warning:
[23:39:07] [WARNING] unable to…
Hoper
- 255
- 3
- 10
1
vote
0 answers
Akamai or Incapsula (or other) for CDN with DDoS Protection?
One of our clients is launching a new site and I've been tasked with making a short overview of the advantages/disadvantages of Akamai, Incapsula or other CDN providers who are strong with DDoS protection.
Our main concerns are CDN Caching,…
Rae
- 203
- 1
- 7
1
vote
1 answer
Installing Joomla with nobody:nobody user/group (CentOS/cPanel)
If you are installing Joomla via cPanel's File Manager to your mywebsite.com (user mywebsite) account, you will upload the package to your server and extract the archive. All files will have the user and group according to your account…
Yatko
- 111
- 2
1
vote
5 answers
Site backdoor & eval()
I'm running a Joomla 1.7 site which was hacked today. Below script did the…
Techie
- 123
- 1
- 5
1
vote
1 answer
my site with joomla 1.5.14 got defaced and I'd like to know how he did it and stop it
I am supposed to manage the content of a site and it got defaced.
The site is hosted on a Linux server running Apache.
Apache version: 2.2.13
Linux version is Debian 4.0(I think I don't really have access to anything more than a ftp account and…
Para
- 113
- 1
- 6
1
vote
0 answers
How to know what version of extensions are used in joomla-web-site from user's point of view?
The problem is: I'm a user and I'm to find out what version of extensions(modules, plugins and components) are used on Joomla-site.
In simple cases the version is already written,like here:
JWallpapers - A lightweight yet powerful image gallery…
Elvin
- 113
- 1
- 1
- 4
1
vote
0 answers
How to forbid hackers on a Joomla website?
My Joomla website was the victim of a hacker attack recently.
Hackers had access to my server and added some PHP files and mostly modified some index.php files. THe code is unfortunately ununderstandable to me and obviously too long to show here (if…
dench
- 11
- 2
1
vote
1 answer
Why does error-based SQL injection works only with certan fields?
I'm currently investigating the latest vulnerability affecting Joomla CMS.
You can find here a description of the vulnerability, however my question is merely on error-based SQL injections and is context independent.
The base URL I use to access…
WhiteWinterWolf
- 19,082
- 4
- 58
- 104
0
votes
1 answer
Joomla Linux Permissions
I installed Joomla 3 to /var/www/html directory in Cent OS 6 server. Currently /var/www/html is owned by apache:apache.
What is the recommended permissions for Joomla installation on Linux in production environment. Who should own what with which…
Kasun
- 784
- 2
- 5
- 13
0
votes
2 answers
NGO Joomla! site: Infected with malware? JavaScript injection?
Please help us with this NGO site running Joomla! 1.5.
They can't pay a security professional right now, so maybe you guys can help isolate the problem?
If you go to http://casatrespatios.org you get redirected to some openDNS…
transient_loop
- 427
- 4
- 13