Reputation: 1163
File injected on into Joomla site
we had Joomla 2.5.8. a virus file list.php was created in this path /public_html/modules/mod_jacontentslider/assets/css
This file was sending spam emails non stop.
we thought it was php hack and update to latest version of php and upgraded joomla 2.5.11 and we got hit again with the same issue.
Any thoughts?
Update
I tried to download this infected file (list.php) to my windows 7 PC. The Microsoft security essentials software detected the virus and didn't allow me to download this file.
So, is there some software on linux (CentOS 5.9) side that will scan the files periodically and automatically delete bad ones or notify us? We had clam installed which is of no use. It did not detect this virus file.
Upvotes: 4
Views: 4184
Answers (3)
Reputation: 160
8 Ways to secure Joomla and prevent being hacked!
Change the default database prefix (jos_)
Use a SEF component
Use the correct CHMOD for each folder and file.
Password protect your administrative area.
Keep your website up-to-date.
Use a .htaccess file to secure your Joomla.
Passwords - Use a unique and strong password.
Install the jSecure Authentication plugin.
For more details : http://www.toxzen.co.za/tutorials/item/30-8-ways-to-secure-joomla-and-prevent-being-hacked
Upvotes: 1
Reputation: 19733
Upgrade to the latest version of the Joomla 2.5 series for starters. Not that this version had any security fixes, however it's still always best to do so. It could very well be due to an extension you're using on your site.
I answered some questions a while back, explaining Joomla updates, things to take into account and what extensions can be used to keep your site more secure.
Joomla! 2.5.4 Hacked: Having trouble with diagnosis
and
Why should I keep my Joomla version up to date?
Hope this helps
Upvotes: 2
Reputation: 2424
This type of issue is common with outdated CMS solutions. Its usualy quite prone to vulnerabilities because of it's popularity. There are a lot of things you can do to prevent these type of attack, depending if you are on a shared server or a dedicated one there are solutions avaialable. I'll name only a few
- First, start by changing your password to a passphrase with characters, numbers, sepcial characters (15)
- Change your passphrase often
- Ensure all of your server software is up to date on patches and knowned vulnerability, if on a shared server contact your provider with issues you have been facing.
- Use sftp for transfers and definitely don't use filezilla
- Invest in a firewall, very efficient to prevent brute force password attacks on certain ip range
- Ultimately, you can visit these types of site that sell you protection for Joomla http://extensions.joomla.org/extensions/access-a-security/site-security/site-protection/8384 or these type of site that explains avaialable hacks for joomla http://www.exploit-db.com/papers/15780/
Hopefully these few advices will help you solve the problem you are faced with.
Upvotes: 2
Related Questions
- Virus/malware modifying .htaccess on Joomla CMS website
- Joomla Site Hacked?
- Javascript was injected into my Joomla website?
- Joomla website hacked, Index file replaced nothing else
- Joomla malicious code removal
- Joomla Hacked and redirecting to dndelectric website
- My joomla website redirects to a Malicious site
- Spam looking script tag on top of joomla site
- PHP File Injection?
- My website get javascript injected in whole files