My Joomla has been hacked

If you suspect that your Joomla has been hacked, the first thing to check is the raw web logs. Try searching them for suspicious client requests such as:

- - [29/Oct/2008:06:07:30 -0500] "GET /index.php? HTTP/1.1" 200 10864 "-" "Firefox"

Unfortunately, it is not always that easy to find traces of a web attack and to decode it. Such a task may require an advanced developer to devote quite a lot of time. That’s why you should know the most common reasons for a Joomla to be compromised:

1. The core Joomla installation is outdated. Previous versions have serious security vulnerabilities which can be easily exploited.

You can check your Joomla version by logging in to your admin panel, where the current version is displayed.

In this case, you will need to upgrade your Joomla installation to the latest stable version.

2. Additionally installed components / modules are outdated.

This is a very common but, unfortunately, neglected problem. It is essential to keep track of all extra components / modules and make sure they are up to date. Check the addon’s homepage for information about recent security issues and upgrade instructions.

3. Common misconfigurations which are known to open security holes:

– register_globals turned on in PHP’s configuration – if turned on, this directive allows easy variable poisoning; make sure to turn it off;

– allow_url_include turned on in PHP’s configuration – if turned on, it allows remote code to be included in your scripts; make sure to turn it off;

– using the default table prefix jos_ – this makes your table names predictable, which makes MySQL injections easier; make sure you change your table prefix to something harder to guess using this component;

– RG_EMULATION turned on in Joomla 1.0.* – this directive emulates register_globals locally, a dangerous option; if enabled, you will see a warning right after you log in to your Joomla admin panel; you can switch it off by adding the following line somewhere in the middle of the configuration.php file:

if(!defined('RG_EMULATION')) { define( 'RG_EMULATION', 0 ); }
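
The four misconfigurations listed above can be checked offline against copies of php.ini and configuration.php. The script below is an added example, not part of the original article or of Joomla; the function names and sample file contents are constructed for illustration, and it assumes the settings are not overridden elsewhere (for example per directory), so the values read from php.ini are the ones in effect.

```python
import re

# Constructed sample inputs for illustration (not taken from a real site).
SAMPLE_PHP_INI = """\
; constructed php.ini fragment
register_globals = On
allow_url_include = Off   ; already safe
"""
SAMPLE_CONFIGURATION_PHP = """\
<?php
$mosConfig_dbprefix = 'jos_';
if(!defined('RG_EMULATION')) { define( 'RG_EMULATION', 1 ); }
"""

PHP_TRUE = {"1", "on", "yes", "true"}  # values php.ini treats as "enabled"

def ini_flag(ini_text, name):
    """True/False from the last uncommented 'name = value' line, None if absent."""
    state = None
    pattern = re.escape(name) + r"\s*=\s*\"?([^\"\s]*)"
    for line in ini_text.splitlines():
        # Everything after ';' is a comment in php.ini.
        m = re.match(pattern, line.split(";", 1)[0].strip(), re.I)
        if m:
            state = m.group(1).lower() in PHP_TRUE
    return state

def audit(ini_text, config_text):
    """Return the names of the misconfigurations from the list above that are present."""
    findings = [n for n in ("register_globals", "allow_url_include")
                if ini_flag(ini_text, n)]
    # Joomla 1.0 uses $mosConfig_dbprefix, Joomla 1.5 uses "var $dbprefix".
    m = re.search(r"\$(?:mosConfig_)?dbprefix\s*=\s*['\"]([^'\"]*)['\"]", config_text)
    if m and m.group(1) == "jos_":
        findings.append("default table prefix")
    # \bdefine\( matches the define() call but not the defined() test before it.
    m = re.search(r"\bdefine\(\s*['\"]RG_EMULATION['\"]\s*,\s*(\d+)", config_text)
    if m and int(m.group(1)) != 0:
        findings.append("RG_EMULATION")
    return findings

if __name__ == "__main__":
    for item in audit(SAMPLE_PHP_INI, SAMPLE_CONFIGURATION_PHP):
        print("FIX:", item)
```

An empty list from audit() means none of the four settings is in its risky state in the files given; it does not cover outdated core or extension versions.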

