dumpyman Friend
February 21, 2014 at 4:51 pm #195054
TomC Moderator
Radonja Djurisic Friend
wolfix Friend
February 21, 2014 at 7:24 pm #523824
@dumpyman 412659 wrote:
> Purity demo site hacked????:((:((
I used to have a problem with my Joomla sites getting hacked until I changed the permissions to 770, with Apache as the group-owner.
770 is the hexadecimal code and the equivalent to: RWX,RWX,--- or in other words: Owner (read, write, execute), Group (read, write, execute), Others (no access)
Most server control panels allow you to change file permission… navigate to the root folder of Joomla and choose 770, but you must use the “Recursive” feature which will automatically change all files and folders to 770. If you don’t use Recursive, you will only change one file/folder at a time.
If you have access to command line you can navigate to the folder and change permissions…
Example:
cd /home/john/www/
(note: cd is the Change Directory command that allows you to navigate to a specific directory. You can also use the (ls -l) command, without the parentheses, to view all files and folders in a specific directory.)
chown -R myUserAccount:apache myJoomlaRootFolder
(note: this command makes me owner and Apache group-owner of all files and folders. The -R makes it recursive so all files and folders are changed.)
chmod -R 770 myJoomlaRootFolder
(note: this command changes the permissions of all files and folders. The -R makes it recursive so all files and folders are changed.)
—
Others may have a better solution… but this has worked well for me… no more hacks.
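An added example, not part of the post above: a variation on the same idea that goes one step further by giving directories 770 and regular files 660 (no execute bit on files), then verifying that nothing under the tree is still accessible to "others". The function names and the optional group argument are hypothetical.

```shell
#!/bin/sh
# Added example: remove all access for "others" under a Joomla tree and
# verify the result. Function names are hypothetical.

# lock_down ROOT [GROUP]
# Directories get 770 (the x bit is needed to enter them); regular files get
# 660, so content files are not marked executable. find does not follow
# symlinks here, so link targets outside ROOT are left alone.
lock_down() {
    root=$1
    group=${2:-}
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 2; }
    if [ -n "$group" ]; then
        # Changing the group needs root, or ownership plus membership in GROUP.
        chgrp -R "$group" "$root" || return 1
    fi
    find "$root" -type d -exec chmod 770 {} + || return 1
    find "$root" -type f -exec chmod 660 {} + || return 1
}

# audit_other_access ROOT
# Prints every file or directory that still grants read, write or execute
# permission to "others". Empty output means the tree is closed to them.
audit_other_access() {
    find "$1" \( -type f -o -type d \) \
        \( -perm -004 -o -perm -002 -o -perm -001 \) -print
}
```

Run `audit_other_access` again after any extension install or upload, since new files are created with the web server's umask rather than the modes set here.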
Manos Moderator
Hung Dinh Friend
February 21, 2014 at 9:37 pm #523830
Thank you everyone for the notice, and I am extremely sorry for the concern you may have with Purity. It is not a template-related issue; it is all about the server.
I had a long working session with our system admin; here are the details of how that hacker got into the Purity demo site:
Purity III is on the same server as one of the very old sites of our system at http://wiki.joomlart.com (powered by http://www.mediawiki.org/wiki/MediaWiki), which somehow had been attacked about 3 hours before we were notified about the hacking message on the Purity Demo. It was the same message we saw earlier today on the wiki site.
With the access he had from the wiki page, the hacker put this .htaccess file in the root of the server:
RewriteEngine on
RewriteRule ^index.php$ 1.html
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?param=$1 [QSA,L]
As you can see, this will perform a complete deletion of all files and folders on the server. That’s pretty rude and mean of him.
For the past 2 hours we have fixed the issues and all demos will be brought back in less than 1 hour. The system admin has changed all the access credentials, and is now performing a complete security check.
So please don’t panic about Joomla or Purity, they are all secured. Next week, we will be separating the wiki page to a different server to make sure that it won’t happen again.
5 users say Thank You to Hung Dinh for this useful post
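An added example, not part of the post above: a detection sketch that walks a document root and flags any .htaccess file containing a RewriteRule that maps index.php to a static HTML page, as the first rule in the quoted file does, and any .htaccess modified within a recent window. The function name, the reason labels and the default one-day window are assumptions.

```shell
#!/bin/sh
# Added example: flag .htaccess files that rewrite index.php to a static page,
# the pattern visible in the quoted file. Names and labels are hypothetical.

# suspicious_htaccess DOCROOT [DAYS]
# Prints one line per finding: "<reason><TAB><file>".
#   index-rewrite : a RewriteRule whose pattern names index.php and whose
#                   target is a static .html/.htm file
#   recent        : the file was modified within the last DAYS days (default 1)
suspicious_htaccess() {
    docroot=$1
    days=${2:-1}
    # pattern token containing index.php (dot optionally escaped), then a
    # substitution token ending in .htm or .html
    re='^[[:space:]]*RewriteRule[[:space:]]+[^[:space:]]*index\\?\.php[^[:space:]]*'
    re="$re"'[[:space:]]+[^[:space:]]+\.html?([[:space:]]|$)'
    find "$docroot" -type f -name .htaccess 2>/dev/null |
    while IFS= read -r f; do
        if grep -Eiq "$re" "$f"; then
            printf 'index-rewrite\t%s\n' "$f"
        fi
        # mtime can be backdated by whoever wrote the file, so "recent" is a
        # hint for triage, not proof that an older file is clean.
        if [ -n "$(find "$f" -mtime -"$days" 2>/dev/null)" ]; then
            printf 'recent\t%s\n' "$f"
        fi
    done
}
```

The stock Joomla rule that routes requests to index.php is not flagged, because there index.php is the rewrite target rather than the pattern.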
Hung Dinh Friend
February 21, 2014 at 9:54 pm #523832
I hope the hacker can see this thread too. Have you seen my message on the bottom right of this page? No working during happy hours! This is not fun at all.
If you want to do that, please keep calm and try it on Monday 🙂
2 users say Thank You to Hung Dinh for this useful post
Hung Dinh Friend
February 21, 2014 at 10:04 pm #523833
All Demos are up and running smoothly. Enjoy the weekend guys!
Radonja Djurisic Friend
February 21, 2014 at 10:57 pm #523838
Guys, I can still see …hack pages?
Manos Moderator
February 21, 2014 at 11:22 pm #523839
@tolja 412721 wrote:
> guys i can still see …hack pages ?
Hi, can you please let me know on which template? (or a link if you can)
Radonja Djurisic Friend
radu81 Friend
April 2, 2014 at 3:07 pm #529208
I’m afraid the demo site is hacked again 🙁
Manos Moderator
April 2, 2014 at 3:58 pm #529222
Our team is already on top of that.
Thanks for reporting.
This topic contains 13 replies, has 7 voices, and was last updated by Manos 10 years, 7 months ago.
Purity demo site hacked