free real slot machine downloads
Popfreeradio.com Forums
Welcome, Guest
Please Login or Register.
Lost Password?
_GEN_GOTOBOTTOM Post Reply Favoured: 0
TOPIC: Joomla Users
#2151
Faultyjay (User)
brings little to the table
Posts: 106
graph
User Offline Click here to see the profile of this user
Joomla Users 2008/08/20 11:47  
I would highly recommend getting updated to the 1.5.6 version. There have been hundreds of people in the community being hacked recently.

Faultlinemusic was hacked this weekend as well as one of my clients sites.

Joomla.org was also hacked/defaced which is why they quickly released a new update.

The more you know.......
  The administrator has disabled public write access.
#2170
Chronic (Admin)
Admin
Posts: 511
graph
User Online Now Click here to see the profile of this user
Re:Joomla Users 2008/08/21 13:53  
we're still running 1.0.15... migration was unstable 6 months ago. Looks like upgrading now is easy... we'll have to do the 2-stage jump and go through 1.5 and 1.5.6
  The administrator has disabled public write access.
#2185
Faultyjay (User)
brings little to the table
Posts: 106
graph
User Offline Click here to see the profile of this user
Re:Joomla Users 2008/08/22 13:21  
Deathwish got hacked last night too....

I would suggest backing up soon and updating.

Also, you should backup the SQL database... If you need me to help in either process, let me know. I have over the last week updated and backed up, 6 sites running Joomla.
  The administrator has disabled public write access.
#2188
Chronic (Admin)
Admin
Posts: 511
graph
User Online Now Click here to see the profile of this user
Re:Joomla Users 2008/08/22 13:41  
I'll get on that this weekend...

I really need to "hire" more people.
  The administrator has disabled public write access.
#2190
Disorder Lee (Admin)
Admin
Posts: 111
graph
User Offline Click here to see the profile of this user
Re:Joomla Users 2008/08/23 09:53  
Big thanks for the heads up. Right now we are currently backed up, but I want to test the migration of the backup files on our in-office server to evaluate losses/risks as opposed to just going live.
  The administrator has disabled public write access.
#2191
Faultyjay (User)
brings little to the table
Posts: 106
graph
User Offline Click here to see the profile of this user
Re:Joomla Users 2008/08/23 13:52  
Yeah I started with joomla right at 1.5 so im not sure how stable the migration is from 1.0 to 1.5 but the 1.5.x-1.5.6 is like kids play. I tested one upgrade on one site then just did live updates on the rest... no issue, no problems.

One thing to note... just so you know what to look out for. When they did my clients they got a php and perl file into the images folder, the only folder users could write too. I failed by having the image folder execute enabled. The php file was a brute force password hack for the admin users password, within 20 minutes based on logs, they were in and had specifically attacked the MySql database. The MySQL database also has FTP access saved, if you chose that option which I had, that gave them FTP access to change permissions on all folders, etc etc. My clients SQL back ups daily, since its an association with over 50 contributors. Deathwish we never had backed up and its pretty much hosed. BTW... we found out that deathwish happened yesterday morning after 7am before 11am from the netherlands.... I wonder if that kid was up late pissed off about school and listening to death metal while he hacked it. My other clients was last saturday at 8pm from Turkey.
  The administrator has disabled public write access.
_GEN_GOTOTOP Post Reply
Powered by FireBoardget the latest posts directly to your desktop
 
certified fantasia home parties representative

Apple iTunes