lanys Posted July 15, 2006 Posted July 15, 2006 Hello, I have mambo portal. And today i have found it hacked. And i cant delete some directories with files, which has benn crated by "hackers". I tryed "File manager" in CPanel, but i cant delete. Please help Quote
TCH-Thomas Posted July 15, 2006 Posted July 15, 2006 You will need to contact the helpdesk about this. Link on top of page and in my signature. Too, also be sure that you run the latest version of any script that you have. Also be sure to use strong passwords for everything that needs passwords to prevent these things. Quote
lanys Posted July 15, 2006 Author Posted July 15, 2006 You will need to contact the helpdesk about this. Link on top of page and in my signature. Too, also be sure that you run the latest version of any script that you have. Also be sure to use strong passwords for everything that needs passwords to prevent these things. Thanks for help. I have posted on support desk... Quote
stevevan Posted July 15, 2006 Posted July 15, 2006 As Thomas has suggested, verify that you are running the latest version by visiting the Mambo homepage and comparing version numbers. It's your responsibility to keep up with it...not TCH's. Also the password suggestion is a wise idea. For example, just yesterday morning, I set up a Linux machine on my static DSL connection. Within 6 hours, I had three people try breaking into it by running a script that generates common names. So when you choose passwords, make it a combination of characters, numbers, and punctuation. It seems some people have nothing better to do in life than hack into other people's websites. Quote
lanys Posted July 15, 2006 Author Posted July 15, 2006 Yep. Maybe i have forgotten to update to the last version of mambo.. And today, when i came, my site redirected to the http://www.dengesizler.org :S If i have a full backup, how i can upload it ? ~70Mb is a litle bit to big, to apload by CPanel... Quote
TCH-Thomas Posted July 15, 2006 Posted July 15, 2006 Only the helpdesk can restore a full backup. You need to upload it to somewhere in your account and then ask the help desk to restore it. Upload it through the filemanager in cpanel or through ftp. Or you can ask the help desk if they have a backup, but this backup may be older than your own backup. Quote
TCH-Thomas Posted July 15, 2006 Posted July 15, 2006 Addition: I have made the link in your previous post inactive for obvious reasons. Quote
lanys Posted August 6, 2006 Author Posted August 6, 2006 Today i have got my site hacked. In mambo directory was wriiten index.html file. How they can do this? Where can i find any logs on my server ? I looked in to error logs, but i dont know what to search ? Quote
Samrc Posted August 7, 2006 Posted August 7, 2006 This is the second time in less than a month. Once you were back up, did you upgrade the script and change your password as recommended? Passwords should not have words from dictionary, should have random letter number and possibly characters for best security. Quote
TCH-JimE Posted August 7, 2006 Posted August 7, 2006 Hello, There are many possible reasons why it could have happened again, let me name a few: 1) One of your folders is not correctley CHMOD. That it, if you have a 777 folder, people can write anything to this folder. 2) Are you sure there are no other admins in your mambo account, e.g. one that could have been created by a hacker? 3) Are you sure all your mods to mambo are up to date. Some mods are old and not supported correctley any more and hence are lacking security updates. 4) As mentioned above,make sure your passwords are at least 7 letters long consisting of numbers, letters and punctuation marks. 5) Change your mysql database password too. As suggested many times above, contact the help desk stating what has happened. The server guys are brillaint and will be able to point you in the right direction. JimE Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.