-
AuthorPosts
-
wooohanetworks Friend
wooohanetworks
- Join date:
- September 2008
- Posts:
- 1239
- Downloads:
- 0
- Uploads:
- 2
- Thanks:
- 148
- Thanked:
- 138 times in 41 posts
October 16, 2008 at 4:46 am #134476Please stop asking any user for live urls to be posted in the forums here, Menalto is not the only one whose site was hacked, now also gobeyond ones and honestly, I think it is because posting live urls here.
I also think it is not in the interest of Joomlart.com to probably cause loss to any member here, I think to ask for those via PM only is the way to go.
In the same manner, I encourage any member not to comply to official Joomlart.com moderators, support staff or members asking for a live url to be posted but only to send them those via PM and in no case to follow those wishes as a forum is no safe place.
Thanks for your attention and regardless of this issue, I am still a satisfied Joomlarter but this is not more the way to go!
Thanks!
mfcphil Friendmfcphil
- Join date:
- September 2007
- Posts:
- 2866
- Downloads:
- 3
- Uploads:
- 218
- Thanks:
- 211
- Thanked:
- 388 times in 133 posts
October 16, 2008 at 9:41 am #275618I spent all evening going into all my old posts removing url links….only a few left.
These recent hacks are very scary indeed.
wooohanetworks Friendwooohanetworks
- Join date:
- September 2008
- Posts:
- 1239
- Downloads:
- 0
- Uploads:
- 2
- Thanks:
- 148
- Thanked:
- 138 times in 41 posts
October 16, 2008 at 10:44 am #275649Everybody pays his or her price, Menalto asked others for their urls and his site was hacked, even you and support members of JA expressively wanted to get live urls from members and did not mention the PM option but the easier forum post option, bad issue is, the members pay for the negligence of others and so the ones that are responsible also pay with getting bad credibility back from those who were asked for their urls and got their sites hacked.
Nice issue…also when the access is restricted to paying members, it is still a public forum, everybody can join, also hackers and can also hack in their way.
Thanks!
Menalto FriendMenalto
- Join date:
- May 2007
- Posts:
- 4736
- Downloads:
- 0
- Uploads:
- 43
- Thanks:
- 2
- Thanked:
- 531 times in 361 posts
October 16, 2008 at 3:33 pm #275705If the site url is needed to solve a problem its up to the support staff if its needed or not.
akwasi_c Friendakwasi_c
- Join date:
- August 2008
- Posts:
- 124
- Downloads:
- 0
- Uploads:
- 5
- Thanks:
- 10
- Thanked:
- 8 times in 1 posts
October 16, 2008 at 4:10 pm #275710My site too has been hacked a week ago by this so called turkish hacker
jwellman Friendjwellman
- Join date:
- April 2008
- Posts:
- 543
- Downloads:
- 0
- Uploads:
- 6
- Thanks:
- 115
- Thanked:
- 59 times in 21 posts
October 17, 2008 at 5:01 am #275806One of mine was hacked as well. Perhaps editing my sig line will help until this hacker is gone. I have made sure all the sites were updated to 1.5.7 but I’m still looking into further security options.
wooohanetworks Friendwooohanetworks
- Join date:
- September 2008
- Posts:
- 1239
- Downloads:
- 0
- Uploads:
- 2
- Thanks:
- 148
- Thanked:
- 138 times in 41 posts
October 17, 2008 at 5:09 am #275809There is a tool called JDEFENDER that shall avoid hacks on Joomla systems. It costs app. 20$ but requires some encryption software on the server in addition. All information can be found on their homepage.
With best regards and much luck!
shertmann Friendshertmann
- Join date:
- September 2008
- Posts:
- 339
- Downloads:
- 0
- Uploads:
- 1
- Thanks:
- 22
- Thanked:
- 42 times in 26 posts
October 17, 2008 at 6:15 am #275811<em>@jwellman 86508 wrote:</em><blockquote>One of mine was hacked as well. Perhaps editing my sig line will help until this hacker is gone. I have made sure all the sites were updated to 1.5.7 but I’m still looking into further security options.</blockquote>
hey jwellman i put some days ago a tutorial i found on the net on how to secure your joomla instalations can be found here http://www.joomlart.com/forums/topic/protect-your-instalation-from-hacking/ 🙂1 user says Thank You to shertmann for this useful post
mfcphil Friendmfcphil
- Join date:
- September 2007
- Posts:
- 2866
- Downloads:
- 3
- Uploads:
- 218
- Thanks:
- 211
- Thanked:
- 388 times in 133 posts
October 17, 2008 at 6:17 am #275812and get rid of the admin admin or guest guest how many site have this as user and password and forget to get rid of them…..
my only question about all this live url is…does every search engine in the world not show your live url?
swemmel Friendswemmel
- Join date:
- February 2006
- Posts:
- 794
- Downloads:
- 34
- Uploads:
- 53
- Thanks:
- 36
- Thanked:
- 64 times in 1 posts
October 17, 2008 at 6:45 am #275816I think it is not because of the urls are in this forum that sites are hacked. The support forums are only reachable for registered members. And I gues that hackers are not registered members. And often it is needed to see the problem on the live-website to understand and analyse the problem.
I agree with McPhil, when you google on Joomla, you will have about all live Joomla-websites that are made with joomla.
Secondly, if you do not want to post your url here you can make use of the new Premium Email Support.
Kind regards,
Peterwooohanetworks Friendwooohanetworks
- Join date:
- September 2008
- Posts:
- 1239
- Downloads:
- 0
- Uploads:
- 2
- Thanks:
- 148
- Thanked:
- 138 times in 41 posts
October 17, 2008 at 7:48 am #275826All you must learn one thing. These hacks are not hacks for money, so there is no need for hackers not to look over these sites here. When you read, again you did not read my posts in complete, you would now already know why hackers use forums like this and all the others outside to hack.
First, this forum is not safe, I do not know how one can even mention “This forum is accessible by members only” when it is first not, every hacker can hack this vBulletin at ease, it is cheap code, period. Second, why should a hacker not even pay for membership.
You must learn that it is not like you think and all your questions, e.g. google etc. were already answered by me in my previous posts about this topic and again, also you mfcphil should take the bit of time to read, read and understand the simple psychology of such hackers like they are existing in all the forums I explained to you and all the others several times even via PM, you just do not read because you seemingly do not want to.
First, when you hack for so, for the fun or for teaching lessons, you will not seek google, there is no fun to hack sites where the owners or operators will later not talk about the hacks in a forum like this, this is the entertainment of the hackers. To hack your site and later to see “Oh, my XXXXXXXXXXX is hacked, oh, oh…” This as an example and I hope that it will not be hacked too.
AGAIN, ALL YOUR COMMENTS AFTER MINE I ALREADY ANSWERED TO YOU IN MY PREVIOUS POSTS; IN THIS TOPIC AND OTHERS AND IT IS NEVER MY JOB TO NOW EVEN TELL YOU WHERE IN THE FORUM! ONE TIME IN A TOPIC “JA LARIX VM” AND IN ANOTHER TOPIC TOO!
All you mention is false and not thought through and you know it.
Thanks!
To now say, these urls here are not the reason is like saying the enemy is not near when the whole city is already taken over…
You know that, stop playing yourself!
Thanks and much success in the future.
tonyg Friendtonyg
- Join date:
- June 2008
- Posts:
- 197
- Downloads:
- 0
- Uploads:
- 8
- Thanks:
- 18
- Thanked:
- 46 times in 27 posts
October 17, 2008 at 10:27 am #275857Posting your url in this forum may be a contributing factor I don’t know. But one thing I am sure of is that anyone still using Joomla 1.5.0 up to Joomla 1.5.6 is very vulnerable. Whenever Joomler announces a security hole the hackers go to work because they know lots of people are slow to act when it comes to applying patches and upgrades. Up to date there’s unbelievable amount of people who are still using J1.5.6 and below. I have no doubt that people using J1.5.7 have been hacked as well but the percentages will be an interesting telling factor.
Wooohanetworks I have no doubt of your intentions for this alert but this alert is misleading. It is misleading because if all a hacker needs is ones url then it surely won’t matter if you post your url in this forum or not, because they will find your site sooner or later. We all need to take some measures to secure our sites the visibility of our url is not one of them.
tonyg Friendtonyg
- Join date:
- June 2008
- Posts:
- 197
- Downloads:
- 0
- Uploads:
- 8
- Thanks:
- 18
- Thanked:
- 46 times in 27 posts
October 17, 2008 at 10:54 am #275861<em>@mfcphil 86296 wrote:</em><blockquote>I spent all evening going into all my old posts removing url links….only a few left.
These recent hacks are very scary indeed.</blockquote>
Hi mfcphil,
Hackers finding your site is not the problem, the question is will they find any doors open? and if the answer is yes then I can assured you they don’t need the assistance of this forum to locate your site. Is like saying if I take my house number off my front door then thieves won’t find me.
shertmann Friendshertmann
- Join date:
- September 2008
- Posts:
- 339
- Downloads:
- 0
- Uploads:
- 1
- Thanks:
- 22
- Thanked:
- 42 times in 26 posts
October 17, 2008 at 3:12 pm #275880<em>@tonyg 86569 wrote:</em><blockquote>Posting your url in this forum may be a contributing factor I don’t know. But one thing I am sure of is that anyone still using Joomla 1.5.0 up to Joomla 1.5.6 is very vulnerable. Whenever Joomler announces a security hole the hackers go to work because they know lots of people are slow to act when it comes to applying patches and upgrades. Up to date there’s unbelievable amount of people who are still using J1.5.6 and below. I have no doubt that people using J1.5.7 have been hacked as well but the percentages will be an interesting telling factor.
Wooohanetworks I have no doubt of your intentions for this alert but this alert is misleading. It is misleading because if all a hacker needs is ones url then it surely won’t matter if you post your url in this forum or not, because they will find your site sooner or later. We all need to take some measures to secure our sites the visibility of our url is not one of them.</blockquote>
well published here or not is a simple matter of making a robot that index certain seach terms anv voila you got what it takes to hack a joomla site, because too many sites have admin/admin or default/default., then too many sites are exposed.
swemmel Friendswemmel
- Join date:
- February 2006
- Posts:
- 794
- Downloads:
- 34
- Uploads:
- 53
- Thanks:
- 36
- Thanked:
- 64 times in 1 posts
October 17, 2008 at 4:10 pm #275894For me it is clear. Make sure your website is as safe as possible and you can post your URL wherever you want. And I can say my URL’s are all around the web. One of my sites was hacked one time and that was because I had a component that was vulnerable and I did not check the list on Joomla.org regularly to fix it in time. For people who do not know, there is a list on Joomla.org with a list of all vulnerable components. It is here:
http://docs.joomla.org/Vulnerable_Extensions_ListWhen you check this list and Joomla.org on a regular base, you can close the doors in time. What wooohanetworks do is playing panic-football, like they do on wallstreet nowadays. :p
The safest way to keep your site from hackers is to keep it on a local host on you PC at home.
Peter
-
AuthorPosts
This topic contains 34 replies, has 10 voices, and was last updated by mfcphil 16 years, 2 months ago.
We moved to new unified forum. Please post all new support queries in our New Forum