_users table hacked/exploited - Joomla! Forum - community, help and support
Yesterday around the same time I got to know my site was hacked/attacked. Somehow the attacker was able to change usernames and passwords to the same entity. For the most part they didn't touch or modify anything. The site is up and running well. I started to sort it out and changed the super user name & password, in order to block access, and host. Fortunately I have a backup, an old one I think is clean, and left the site online. I don't know the cause of this since I'm using the latest version 2.5.8 and none of the extensions are vulnerable. I've run the FPA but am not posting it now. I've updated the host and the matter is being looked into.
But here comes my secret admirer again: today the hacker again changed usernames and passwords of users name. I put the site offline (i.e. no login box). It seems the secret admirer is going to be with me for a long time.
Any ideas/suggestions/help?
Shared hosting or VPS/dedicated?
Check out plugins on the JED that hide admin back-end access; for example, you can no longer visit the admin without a special key: /mysite/administrator won't work unless you have the special key, /mysite/administrator?noadminforyou. Or use htaccess/htpasswd to password-protect the admin so you are prompted by Apache every time you access it.
It's worth tracking access: check the logs of who is visiting the site and screen the originating IPs. You can use extensions or the server (if you have the technical knowledge) to blacklist IPs and not let them visit at all.
I'm wondering if they are accessing the database, the Joomla install, or what is going on. Change the admin ID, admin name, and password to be safe too! I'm pretty sure you can do that.
How about accessing phpMyAdmin, etc.? You have a control panel for the web server, right? Try disabling it when you're not using it if possible, to free memory and shut down simple access.
Disable logins in both the admin and front end after X failed attempts; it's best to use an extension that prolongs and frustrates users/bots.
Be mindful of other admins, managers, or whoever is accessing the site and make sure permissions are proper, and require them to change passwords every 3-6 months; it's annoying but prevents them from being exploited too.
Next, make sure you have set up the MySQL account (root or admin or whatever you call it) with a password and disable other users; no password is asking for trouble.
Check out services like Project Honey Pot, CloudFlare (free security is awesome), etc. They add a level of automated protection against bots and stuff scouring the site.
Make sure directory permissions are 755 and files are 644 (which is important), disable access to the .htaccess file and XML config files (via .htaccess or other means), and make sure Apache (the web server) owns the needed files in Joomla so it can access them properly.
Check that you are using the Joomla htaccess file and that it gets renamed to .htaccess, because you do not want directory browsing enabled...
Maybe invest in security extensions like RSFirewall if you're worried?
Check out the tutorials and information on securing Joomla; there's a huge checklist, and granted a lot of the stuff is common knowledge for servers in general, but if you're not informed or knowledgeable about this stuff I feel your frustration.
Use the Forum Post Assistant to post your server and Joomla specs on the forum in a safe manner, so we can see how the server may be a potential problem too.
Sooo, that's what I can think of, lol. Sorry for the information overload.
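An added example, not part of the original thread: a shell sketch that audits a site tree against the 755/644 permission advice in the reply above, lists anything world-writable, and then resets the modes. The function names and the demo tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a site tree against the 755 (directories) / 644 (files)
# advice in the post above. Function names and the demo tree are constructed.

# Print every entry whose mode is not exactly 755 (dirs) or 644 (files).
audit_perms() {
    find "$1" -type d ! -perm 755 -exec printf 'dir  %s\n' {} \;
    find "$1" -type f ! -perm 644 -exec printf 'file %s\n' {} \;
}

# Print only entries writable by "other", the riskiest case on shared hosting.
world_writable() {
    find "$1" \( -type d -o -type f \) -perm -002 -print
}

# Reset the tree to 755/644. Run audit_perms first and review its output.
fix_perms() {
    find "$1" -type d ! -perm 755 -exec chmod 755 {} +
    find "$1" -type f ! -perm 644 -exec chmod 644 {} +
}

# Build a small constructed tree with two deliberate mistakes; prints its path.
make_demo_tree() {
    demo=$(mktemp -d) || return 1
    mkdir -p "$demo/site/administrator" "$demo/site/images"
    : > "$demo/site/configuration.php"
    : > "$demo/site/administrator/index.php"
    chmod 755 "$demo/site" "$demo/site/administrator"
    chmod 777 "$demo/site/images"             # mistake: world-writable dir
    chmod 644 "$demo/site/administrator/index.php"
    chmod 666 "$demo/site/configuration.php"  # mistake: world-writable file
    printf '%s\n' "$demo/site"
}

site=$(make_demo_tree)
echo "Before:"; audit_perms "$site"
fix_perms "$site"
echo "After: $(audit_perms "$site" | wc -l) entries off-policy"
rm -rf "${site%/site}"
```

On a real install, point audit_perms at the site's document root and review the listing before running fix_perms.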