« previous next »
Pages: [1]

Author Topic: Website hacked :(  (Read 1086 times)

  • Offline zpyder

  • Posts: 6,946
  • Hero Member
Website hacked :(
on: April 17, 2008, 23:29:46 PM
Hi all.
Id appreciate any help you guys can offer on this. My final exams are coming up within a month and I really cant be dealing with this right now!

Basically, my website is: http://www.zpyder.co.uk/
Its using a fantastico installed joomla script, with zoom media gallery.

I hadnt made any changes recently, and to be honest, dont check up on my site that often at all. Today though I came across a bunch of "Warning: Cannot modify header information - headers already sent by".... messages at the top, and these things even go into the administration back end, preventing me from logging in.

I think my website was hacked previously, or the server was when I was with a previous host.

Reading up on this error it says about php tags not wanting blank spaces or lines. Going through the php files listed in the error, I have iframe code tacked onto the bottom of the files:

Note I think the site listed in the code below may be harmful so please dont visit it!
; ?>

Deleting this gets rid of the error but instead it is replaced with another page/php file. I get the feeling that this code is on every single php file...

My questions are:

If this is a hack, how can I prevent it from happening?

Is there anything I can do to repair the joomla install rather than start from scratch?

Any help and suggestions you guys can offer will be appreciated. I love the ease of using joomla, but as it seems every time I just get happy with it something like this happens, Im wondering whether itd be better to go back to basics with HTML
Logged

  • Offline neXus

  • Posts: 8,749
  • Hero Member
Re:Website hacked :(
Reply #1 on: April 18, 2008, 00:38:57 AM
if you use things like joomla and addons for it you need to keep updating them when the updates are there really, with any site it is something you got to keep on top of.
BUT it is worth checking if your hosting company server has other sites and if they have similar as it would not be the first time the server was hacked into rather then your section of it.
Logged

  • Offline zpyder

  • Posts: 6,946
  • Hero Member
Re:Website hacked :(
Reply #2 on: April 18, 2008, 00:51:17 AM
Yeah thats what I was thinking. Ive let them know.

The most bizarre thing is that I have a subdomain that I host a friends website on. The hack-script thing bypassed all her pages! Lucky sod.

I think the next version of my website is going to be back to basics methinks. Im not that fussed about coding or regular updates. Probably end up being a photo repository and CV :/
Logged

  • Offline neXus

  • Posts: 8,749
  • Hero Member
Re:Website hacked :(
Reply #3 on: April 18, 2008, 01:09:57 AM
Quote from: zpyder
Yeah thats what I was thinking. Ive let them know.

The most bizarre thing is that I have a subdomain that I host a friends website on. The hack-script thing bypassed all her pages! Lucky sod.

I think the next version of my website is going to be back to basics methinks. Im not that fussed about coding or regular updates. Probably end up being a photo repository and CV :/


Wordpress tbh seems good once you get past some of the limitations and most sites it is all you need and is updated often enough to be secure, do not hear to many sites that use it being hacked. Mind you you do not get that many joomla either if you update it.
Logged

  • Offline SteveF

  • Posts: 1,743
  • Hero Member
Website hacked :(
Reply #4 on: April 18, 2008, 09:42:48 AM
Quote from: zpyder
Hi all.
Id appreciate any help you guys can offer on this. My final exams are coming up within a month and I really cant be dealing with this right now!

Just ignore it - your websites not mission critical and youve got other stuff to be doing.  Its not like it cant wait for a month or two.
Logged

  • Offline zpyder

  • Posts: 6,946
  • Hero Member
Re:Website hacked :(
Reply #5 on: April 18, 2008, 09:48:38 AM
Tis what Im gonna do tbh.

Its not like I get hundreds of visitors a month or anything hehe

As to wordpress, there was rumour that this attack may have come through a module or component in it heh.


My website housekeeping is terrible, with folders of galleries and things from past incarnations of my website dating back years. Every app that may have been the route in I had hehe, wordpress, coppermine, joomla. Id say from what I read last night its 50:50 between coppermine and wordpress. Annoyingly both of which I wasnt using, but never uninstalled!
Logged
Website hacked :(
Reply #6 on: April 18, 2008, 10:00:06 AM
When i was with the god awful bluguy hosting their whole servers were hacked by some islamist terrorist group.

Lost everything that was there due to them not being secure.

Wasnt surprising really, the whole company fell apart, you know it is bad when the support forums are just full of porn links.
Logged

  • Offline zpyder

  • Posts: 6,946
  • Hero Member
Re:Website hacked :(
Reply #7 on: April 18, 2008, 10:06:52 AM
Yeah. I get the feeling the shared hostgator servers may not be totally secure, but at the end of the day you pay for what you get. And service wise cant fault em. Uber helpful support forums and support tickets that are answered within a few hours no matter when you place em. Even though the support this time consisted of:

"Joomla is often the focus of attacks, please change all your passwords"
Logged

  • Offline SteveF

  • Posts: 1,743
  • Hero Member
Website hacked :(
Reply #8 on: April 18, 2008, 11:17:29 AM
Quote from: Sweenster
When i was with the god awful bluguy hosting their whole servers were hacked by some islamist terrorist group.

Yup that was the day I switched to godaddy.

That got me in a ton of problems.  Wish theyd told us it had changed ownership.
Logged
Pages: [1]
« previous next »

0 Members and 1 Guest are viewing this topic.