1. underwatercolours
  2. Sherlock Holmes
  3. Commercial Templates
  4. Monday, 15 February 2016
  5.  Subscribe via email
I have recently had a horrible number of hack attempts on the 100 websites I host on a VPS, both Joomla and Wordpress. All my Joomla sites have been updated to 3.4.8, but I still had one of them hacked. The very strange part was that when I turn on the image logo instead of the text logo on my site that uses the Lifestyle template, you don't see the spam that the hacker added. You can, however, still see it in the code.




Can you tell me what file might be doing this? I have tried to figure out what files have been compromised, but can't seem to figure that out either, in spite of putting way too much time into it. I have reinstalled the newest version of the template and am about to do a whole new Joomla install, but thought I would run it by you first to see if anyone recognized this kind of hack and had any suggestions.

I'm also using a CP notification app, Brut Force Protection and Mod Security Tools, but they still got in. This is VERY FRUSTRATING!
Accepted Answer Pending Moderation
0
Votes
Undo
Hello

Very sorry to hear. Compromised sites are very frustrating and unfortunately can be almost impossible to revert.

Firstly reinstalling your template should revert all template files back to the original. If you really want to ensure this you can delete your Joomla51 template folder (../templates/j51_lifestyle) via FTP, extract your template install file locally and then upload to the template folder (replacing the original). The file responsible for the logo area of your template is ../templates/j51_lifestyle/php/layouts/header.php

The horrible truth is that once your site is compromised it is almost impossible to revert as any number of backdoors could be placed hidden within your Joomla install. For this reason, presuming you have a backup, it is always best to revert to it rather than trying to heal the current install.

If you have Googles webmaster tools set up for your site it should list any issues (Security Issues tab) so worth checking that out to.

Unfortunately this whole Joomla 3.4.6 thing has effected a lot of sites even if you managed to update in time. This is mainly due to the security issue been widely known for 2 days before a security fix was available from Joomla.

CiarĂ¡n
  1. more than a month ago
  2. Commercial Templates
  3. # 1
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!

Join Our Newsletter

* indicates required
We respect your privacy and do not tolerate spam and will never sell, rent, lease or give away your information (name, email, number, etc.) to any third party. Nor will we send you unsolicited email.
Joomla51 - Mullaghmore, Co. Sligo, Ireland
Joomla51.com is not affiliated with or endorsed by the Joomla! Project or Open Source Matters.
The Joomla! name and logo is used under a limited license granted by
Open Source Matters
the trademark holder in the United States and other countries.