site gets redirected. - Joomla! Forum - community, help and support

-

hacekrs keep redirecting site upgraded latest , restored backup, checked file permissions.
but don't know else can
can on fpa details see if i'm missing anything?
heres fpa details:

problem description :: forum post assistant (v1.2.3) : 6th december 2012 wrote:website gets redirected
actions taken resolve forum post assistant (v1.2.3) 6th december 2012 wrote:restore backup , check file permissions , run
forum post assistant (v1.2.3) : 6th december 2012 wrote:
basic environment :: wrote:joomla! instance :: joomla! 2.5.8-stable (ember) 8-november-2012
joomla! platform :: joomla platform 11.4.0-stable (brian kernighan) 03-jan-2012
joomla! configured :: yes | read-only (444) | owner: user_1063480262 (uid: 1/gid: 1) | group: vweb (gid: 1) | valid for: 2.5
configuration options :: offline: 0 | sef: 1 | sef suffix: 0 | sef rewrite: 0 | .htaccess/web.config: no | gzip: 0 | cache: 1 | ftp layer: 0 | ssl: 0 | error reporting: default | site debug: 0 | language debug: 0 | default access: 1 | unicode slugs: 0 | database credentials present: yes

host configuration :: os: linux | os version: 2.6.18-308.20.1.el5.centos.plus | technology: x86_64 | web server: apache | encoding: gzip, deflate | doc root: /home/linweb16/h/hs2actionalliance.org-1063480261/user/htdocs | system tmp writable: yes

php configuration :: version: 5.2.17 | php api: cgi-fcgi | session path writable: unknown | display errors: | error reporting: 6143 | log errors to: | last known error: | register globals: | magic quotes: | safe mode: | open base: | uploads: 1 | max. upload size: 20m | max. post size: 20m | max. input time: 60 | max. execution time: 60 | memory limit: 64m

mysql configuration :: version: 5.0.95-log (client:5.1.50) | host: --protected-- (--protected--) | collation: utf8_general_ci (character set: utf8) | database size: 88.93 mib | #of tables: 441
detailed environment :: wrote:php extensions :: date (5.2.17) | libxml () | openssl () | pcre () | zlib (1.1) | bz2 () | calendar () | ctype () | curl () | hash (1.0) | filter (0.11.0) | ftp () | gettext () | gmp () | session () | iconv () | pcntl () | posix () | readline () | reflection (0.1) | standard (5.2.17) | shmop () | simplexml (0.1) | spl (0.2) | sockets () | exif (1.4 $id: exif.c 293036 2010-01-03 09:23:27z sebastian $) | sysvmsg () | sysvsem () | sysvshm () | tokenizer (0.1) | wddx () | xml () | cgi-fcgi () | bcmath () | dbase () | dom (20031129) | gd () | imap () | json (1.2.1) | mbstring () | mcrypt () | mysql (1.0) | mysqli (0.1) | pdo (1.0.4dev) | pdo_mysql (1.0.2) | pdo_pgsql (1.0.2) | pdo_sqlite (1.0.1) | pgsql () | soap () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.8.11) | ioncube loader () | zend optimizer () | zend engine (2.2.0) |
potential missing extensions :: suhosin |

switch user environment (experimental) :: php cgi: yes | server su: no | php su: yes | custom su (litespeed/cloud/grid): yes
potential ownership issues: no
folder permissions :: wrote:core folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |

elevated permissions (first 10) :: testsite/cache/ (707) | testsite/includes/cache/ (707) |
extensions discovered :: wrote:components :: site :: com_mailto (2.5.0) | com_wrapper (2.5.0) | com_wrapper (1.6.0) |
components :: admin :: com_templates (2.5.0) | com_newsfeeds (2.5.0) | com_redirect (2.5.0) | com_banners (2.5.0) | com_checkin (2.5.0) | rsinstaller (1.3.0) | rsform (1.3.0 r36) | rsblog! (1.0.0) | mailing (4.38.35) | com_languages (2.5.0) | com_djimageslider (1.3.0 rc1) | com_cpanel (2.5.0) | com_joomlaupdate (2.5.0) | com_plugins (2.5.0) | rscomments! (1.0.0) | com_admin (2.5.0) | com_installer (2.5.0) | com_categories (2.5.0) | com_content (2.5.0) | stalker (1.2.1) | com_config (2.5.0) | com_users (2.5.0) | com_modules (2.5.0) | com_weblinks (2.5.0) | com_finder (2.5.0) | com_phocadocumentation (2.0.0 rc2) | akeeba (3.2.3) | com_phocadownload (2.0.0 rc2) | acajoom content bot (2.0.0) | acajoom content bot (2.0.0) | load module acajoom (1.0.1) | acajoom module (3.1.0) | acajoom user synchronization (1.0.0) | acajoom cb plugin (1.2) | com_menus (2.5.0) | com_messages (2.5.0) | com_login (2.5.0) | com_search (2.5.0) | com_cache (2.5.0) | acymailing : statistics plugin (1.7.2) | acymailing : (auto)subscribe d (1.7.2) | acymailing tag : subscriber in (1.7.2) | acymailing tag : cb user infor (1.7.2) | acymailing tag : joomla user (1.7.2) | acymailing : share on social n (1.0.0) | acymailing module (1.7.2) | acymailing template class repl (1.7.2) | acymailing tag : website links (1.7.2) | acymailing manage text (1.0.0) | acymailing table of contents g (1.0.0) | acymailing tag : content inser (1.7.2) | acymailing : trigger joomla co (1.7.2) | acymailing tag : date / time (1.7.2) | acymailing tag : manage su (1.7.2) | acymailing (1.7.2) | com_media (2.5.0) | rsevents! (1.2.0) |

modules :: site :: mod_whosonline (2.5.0) | mod_janalytics (3.0.0) | rsblog! calendar (1.0) | mod_related_items (2.5.0) | mod_footer (2.5.0) | mod_syndicate (2.5.0) | nice social bookmark (1.4) | pixsearchng (0.0.2) | mod_feed (2.5.0) | joomlaxtc news module (1.1.0) | mod_news_pro_gk4 (gk4 1.1) | dj-image slider (1.3 rc1) | mod_custom (2.5.0) | sigplus (1.4.1.1) | mod_search (2.5.0) | rokajaxsearch (2.1) | upcoming events (1.4) | mod_articles_categories (2.5.0) | rsblog! categories (1.0) | mod_wrapper (2.5.0) | mod_articles_popular (2.5.0) | acymailing module (1.7.2) | mod_articles_archive (2.5.0) | stalker (1.2.1) | mod_languages (2.5.0) | aidanews (1.2.1) | rsevents calendar (1.3) | mod_weblinks (2.5.0) | newsletter subscriber (1.1.0) | valaddthis (2.1.0) | mod_articles_latest (2.5.0) | social media icon links (1.6.0) | mod_tweetdisplayback (1.1.10) | rsblog! recent posts (1.0) | acymailing latest newsletters (1.0.1) | mod_articles_news (2.5.0) | mod_random_image (2.5.0) | rsblog! archive (1.1) | joomla 1.6 html module (1.6.0) | mod_users_latest (2.5.0) | mod_banners (2.5.0) | rsevents! ajax search (1.0) | mod_finder (2.5.0) | mod_login (2.5.0) | phpbb3 ultimos mensajes (v1.6) | rsform! pro module (1.3.0) | rsform! pro feedback module (1.3.0) | rsform! pro module frontend li (1.3.0) | mod_menu (2.5.0) | mod_articles_category (2.5.0) | mod_stats (2.5.0) | mod_breadcrumbs (2.5.0) |
modules :: admin :: mod_feed (2.5.0) | mod_custom (2.5.0) | mod_quickicon (2.5.0) | mod_popular (2.5.0) | akeeba backup notification mod (3.2.3) | mod_title (2.5.0) | mod_online (1.6.0) | mod_logged (2.5.0) | mod_multilangstatus (2.5.0) | mod_unread (1.6.0) | mod_login (2.5.0) | mod_status (2.5.0) | mod_latest (2.5.0) | mod_toolbar (2.5.0) | mod_submenu (2.5.0) | mod_version (2.5.0) | mod_menu (2.5.0) |

plugins :: site :: plg_user_joomla (2.5.0) | plg_user_profile (2.5.0) | plg_user_contactcreator (2.5.0) | plg_editors-xtd_readmore (2.5.0) | plg_editors-xtd_pagebreak (2.5.0) | plg_editors-xtd_article (2.5.0) | editor button - rscomments! on (1.0.0) | plg_editors-xtd_image (2.5.0) | plg_content_pagenavigation (2.5.0) | plg_content_joomla (2.5.0) | plg_content_loadmodule (2.5.0) | plg_content_pagebreak (2.5.0) | phoca documentation navigation (2.0.1) | content - itpsocialbuttons (1.4) | content - ppgallery (3.0815) | content - rscomments (1.0.0) | plg_content_tweet (1.3) | plg_content_emailcloak (2.5.0) | plg_content_finder (2.5.0) | plg_content_vote (2.5.0) | plg_content_geshi (2.5.0) | content - image gallery - sigp (1.4.1.1) | plg_quickicon_extensionupdate (2.5.0) | plg_quickicon_joomlaupdate (2.5.0) | plg_authentication_gmail (2.5.0) | plg_authentication_joomla (2.5.0) | plg_authentication_ldap (2.5.0) | xml-rpc - rsblog! pingback api (1.0) | plg_extension_joomla (2.5.0) | plg_search_content (2.5.0) | plg_search_contacts (2.5.0) | plg_search_weblinks (2.5.0) | plg_search_categories (2.5.0) | plg_search_newsfeeds (2.5.0) | plg_captcha_recaptcha (2.5.0) | plg_system_highlight (2.5.0) | plg_system_log (2.5.0) | plg_system_p3p (2.5.0) | acymailing : (auto)subscribe d (1.7.2) | plg_system_redirect (2.5.0) | plg_system_debug (2.5.0) | plg_system_sef (2.5.0) | plg_system_cache (2.5.0) | system - rscomments (1.0.0) | akeeba backup lazy scheduling (3.2.3) | plg_system_languagefilter (2.5.0) | plg_system_remember (2.5.0) | system - jck typography (3.4.8) | system - rsform! pro feedback (1.3.0) | plg_system_logout (2.5.0) | plg_system_languagecode (2.5.0) | acymailing manage text (1.0.0) | acymailing : trigger joomla co (1.7.2) | acymailing tag : joomla user (1.7.2) | acymailing tag : website links (1.7.2) | acymailing tag : content inser (1.7.2) | acymailing template class repl (1.7.2) | acymailing tag : date / time (1.7.2) | acymailing tag : cb user infor (1.7.2) | acymailing table of contents g (1.0.0) | acymailing : statistics plugin (1.7.2) | acymailing tag : manage su (1.7.2) | acymailing tag : subscriber in (1.7.2) | acymailing : share on social n (1.0.0) | plg_aoeditor_title (1.0.4) | plg_editors_tinymce (3.5.4.1) | plg_editors_codemirror (1.0) | editor - joomlack (6.0.4) | system - jck typography (3.4.8) | unknown (0.1) | unknown (0.1) | jtreelink (1.0) | unknown (0.1) | unknown (0.1) | unknown (0.1) | unknown (0.1) | unknown (0.1) | unknown (0.1) | plg_finder_content (2.5.0) | plg_finder_contacts (2.5.0) | plg_finder_weblinks (2.5.0) | plg_finder_categories (2.5.0) | plg_finder_newsfeeds (2.5.0) |
templates discovered :: wrote:templates :: site :: hs2aa1dec12 (1.0) | beez_20 (2.5.0) | hs2aat1 (1.0) | beez5 (2.5.0) | hs2aawide (1.0) | hs2aanov12 (1.0) | atomic (2.5.0) |
templates :: admin :: bluestork (2.5.0) | hathor (2.5.0) |

.htaccess/web.config: no
ok, not using htaccess file not enabled.

your site has elevated file permissions
elevated permissions (first 10) :: testsite/cache/ (707) | testsite/includes/cache/ (707)
very of hack code being hidden.
there htaccess file hidden outside of sites public_html area. file contains copy of htaccess file , contains redirect code. copied public_html area anytime hack detects modification of htaccess file.

there other hidden hack files , maybe root kit file on r domain.

follow before post topic clean , repair website.
viewtopic.php?f=621&t=582854 info contained there designed clean , repair website.





Comments

Post a Comment

Popular posts from this blog

How to change text Component easybook reloaded *newbee* - Joomla! Forum - community, help and support

-
Image
hi all, i started building websites joomla not long ago, can use help.. for got problem guestbook. i have installed easybook. , running on following website http://odoorn321.nl/ (under gastenboek) i want change text: waardering website (is dutch valuate website) waardering. idea rid of word website, because have valuate vacation home, not website. i have made screenshot of text want change. where , how going find css file change text? your appreciated! thanks no one? Board index Joomla! Older Version Support Joomla! 2.5 General Questions/New to Joomla! 2.5
Read more

After Effect warning: A problem occurred when processing OpenGL commands

-
i have after effects cs6 in computer cs5.5 installed. 64bit windows 7 ultimate 20gb memory , 2 amd radeon hd 6900 series display adapters drivers updated hour ago (driver date 27.7.2012, version 8.982.0.0).   when trying use after ecffects, error message " after effect warning: problem occurred when processing opengl commands " when clicking composition window.   what done? not much, i'm afraid. need older graphics driver. other disable second card or play configuration. unfortunately not smart person decided cs6 no longer need manual opengl control user, there's no way suppress within program force-revert software-only modes in case of such issues...   mylenium More discussions in After Effects adobe
Read more

Preconditions Failed. - Joomla! Forum - community, help and support

-
hello! i'm having problem; every time click save&close button, or save button, or close button module; following message appears: "precondition failed the precondition on request url /administrator/index.php evaluated false. additionally, 404 not found error encountered while trying use errordocument handle request." it happens modules. thanks in advance. problem description :: forum post assistant (v1.2.3) : 13th november 2012 wrote: can\'t save changes or close module. log/error message :: forum post assistant (v1.2.3) : 13th november 2012 wrote: precondition failed precondition on request url /administrator/index.php evaluated false. additionally, 404 not found error encountered while trying use errordocument handle request. last php error(s) reported :: forum post assistant (v1.2.3) : 13th november 2012 wrote: [04-mar-2012 01:25:56] php fatal error: call member function get() on non-object in /home/joommmy1/addon/youngstaer/sub/teenace/public_html/templates/...
Read more