It was a file manager script, allowing anybody to visit that page and have all the info about my site, no idea how they gained access, as all the permissions were correct etc.

I have now found that 4 of my sites were email spammers, and also had open access. I then found a small text file in another directory that had links to other sites with the file manager, 2 of them were mine on my other servers.

It is getting to the stage where I’m seriously wondering if using Joomla is the best idea as a commercial sense. I have never minded paying for scripts, as i sell them at the end of the day. So i have already started looking for commercial components.

Do you think encrypting the configuration.php file in ioncube would help, or can ioncube be cracked?

All the best
Ian

It was a file manager script, allowing anybody to visit that page and have all the info about my site, no idea how they gained access, as all the permissions were correct etc.

I have now found that 4 of my sites were email spammers, and also had open access. I then found a small text file in another directory that had links to other sites with the file manager, 2 of them were mine on my other servers.

It is getting to the stage where I’m seriously wondering if using Joomla is the best idea as a commercial sense. I have never minded paying for scripts, as i sell them at the end of the day. So i have already started looking for commercial components.

Do you think encrypting the configuration.php file in ioncube would help, or can ioncube be cracked?

All the best
Ian

Hackers could just as easily have gotten in through another application or even another website if you are using a shared hosting service. The only way to find that out is to go through the webserver logs, which your hosting co. should do.

What you need to do, regardless of what your hosting company does, is:

a) Secure your data.
You probably do not want to lose your data that you have worked alot to accumulate. So make backups of your database and the files you might have uploaded or modified. Typical folders you would want to backup is your images folder and your templates folder. Joomla core files are not important, unless you have made modifications to them.

You might end up backing up some data that the hackers have put there, so after you have made the backup you should go through the data to ensure that it is in fact your data.

b) Go through your installed components, mambots and modules.
Compare their version numbers with the ones you find on the extension websites, for instance on extensions.joomla.org. Download the most recent versions of the stuff you have installed. Using old extensions that might have known security holes is a big security risk.

c) Consider switching hosting companies
If your hosting company is unable to stop what ever is happening to the server you should reconsider using their service, and you should at least demand to be moved to another server that is not compromised. If the hosting company will not set up a new account for you, you should consider switching host.

Do a fresh Joomla install, using the latest Joomla version available in the 1.0 series (1.0.12 at this time). Also: Install new versions of the components you had on your old site, if new versions are available.

Alot of other security tips and measures plus help and assistance can be found in the Joomla security forums.

Hope this helps!

- Torkil

Hackers could just as easily have gotten in through another application or even another website if you are using a shared hosting service. The only way to find that out is to go through the webserver logs, which your hosting co. should do.

What you need to do, regardless of what your hosting company does, is:

a) Secure your data.
You probably do not want to lose your data that you have worked alot to accumulate. So make backups of your database and the files you might have uploaded or modified. Typical folders you would want to backup is your images folder and your templates folder. Joomla core files are not important, unless you have made modifications to them.

You might end up backing up some data that the hackers have put there, so after you have made the backup you should go through the data to ensure that it is in fact your data.

b) Go through your installed components, mambots and modules.
Compare their version numbers with the ones you find on the extension websites, for instance on extensions.joomla.org. Download the most recent versions of the stuff you have installed. Using old extensions that might have known security holes is a big security risk.

c) Consider switching hosting companies
If your hosting company is unable to stop what ever is happening to the server you should reconsider using their service, and you should at least demand to be moved to another server that is not compromised. If the hosting company will not set up a new account for you, you should consider switching host.

Do a fresh Joomla install, using the latest Joomla version available in the 1.0 series (1.0.12 at this time). Also: Install new versions of the components you had on your old site, if new versions are available.

Alot of other security tips and measures plus help and assistance can be found in the Joomla security forums.

Hope this helps!

- Torkil

Please help as I do not know how to upgrade properly, really scared about losing all my content. I’m so far using 1.0.10.

Please help as I do not know how to upgrade properly, really scared about losing all my content. I’m so far using 1.0.10.