Hey guys,
I love this template, but it is causing a lot of problems for me because it keeps getting hacked. The hosting company ran maldet and here is what came back:
maldet(7970): {quar} malware quarantined from ‘/home/bigl/public_html/includes/defines.php’ to ‘/usr/local/maldetect/quarantine/defines.php.12358’
maldet(7970): {clean} restoring /usr/local/maldetect/quarantine/defines.php.12358 for cleaning attempt
maldet(7970): {clean} trying to clean /home/bigl/public_html/includes/defines.php with base64.inject.unclassed rule
maldet(7970): {clean} rescanning /home/bigl/public_html/includes/defines.php for malware hits
maldet(7970): {clean} clean successful on /home/bigl/public_html/includes/defines.php
maldet(7970): {quar} malware quarantined from ‘/home/bigl/public_html/index.php’ to ‘/usr/local/maldetect/quarantine/index.php.27826’
maldet(7970): {clean} restoring /usr/local/maldetect/quarantine/index.php.27826 for cleaning attempt
maldet(7970): {clean} trying to clean /home/bigl/public_html/index.php with base64.inject.unclassed rule
maldet(7970): {clean} rescanning /home/bigl/public_html/index.php for malware hits
maldet(7970): {clean} clean successful on /home/bigl/public_html/index.php
maldet(7970): {quar} malware quarantined from ‘/home/cpeasyapache/src/php-5.3.27/ext/standard/tests/general_functions/bug50732.phpt’ to ‘/usr/local/maldetect/quarantine/bug50732.phpt.10304’
maldet(7970): {quar} malware quarantined from ‘/home/cpeasyapache/src/php-5.3.27/ext/standard/tests/file/bug41874_3.phpt’ to ‘/usr/local/maldetect/quarantine/bug41874_3.phpt.800’
maldet(7970): {quar} malware quarantined from ‘/tmp/back’ to ‘/usr/local/maldetect/quarantine/back.13957’
These have been cleaned at this time. Either the site has exploitable code or a user with access to the site has malware on their system.
They have asked me to review the code to see if there is anything that we can do. I was curious if there are any updated or if you can help us tighten the site up.
phong nam
Friend
Hi brett,
On your concern, I’d like to suggest your some tips to protect your website:
1. Set No to Allow user registration option in User Manager >> Options.
It will prevent the spammers to create a registered account on your website.
2. Login your server, set 444 permissions to the files you want to restrict access from public users, especially configuration.php.
3. If you can track the IP of spammers, you can ban the access from that IPs via .htaccess file.
You can refer this tutorial at http://docs.joomla.org/How_do_you_restrict_directory_access_by_IP_address_using_htaccess%3F
In addition, the below post is quitely old but it has still been worthy: http://www.marcofolio.net/joomla/7_tips_to_optimize_joomla_security.html
This topic contains 2 replies, has 2 voices, and was last updated by 
We moved to new unified forum. Please post all new support queries in our New Forum
