Hi
Just to bring you up to date Anthony and provide a "be alert" warning to everyone operating their sites ... the bad guys hacked my site and got me bad! Tom at Joomlajabber was a great help and found the server was riddled with trojans and virus (over 2000). He said that while my out of date "Virtuemart" component was a factor in the guys getting in, there was also problems with the security on the host server (webcity) they have a root kit on the server and its used for spamming and music distribution. The host is in denial. I've closed my account with web city and am setting up elsewhere.

So for what its worth heres what I learned:
1. Keep your components up-to-date
2. Monitor closely anyone logging onto your site as a user. I am thinking that depending on where I locate, I may well get users to email me and I will set up their login. The bad guys were the first users to register on my site and spent a month there before making a complete mess of things before they let me know.
3. Be alert to anything "different" happening on your site. This is really difficult when, like me, you are in the process of learning how to use joomla, virtuemart etc. The bad guys having gained access as a user, got my admin username and password by getting an extra login screen (identical to the one I used to login to the backend of the site) to pop up when I clicked on the virtuemart component.
4. Do your research when you organise a host - make sure they have good security and a process to keep their software up to date. I'll be looking at a number of options to multiple user hosts suc as vpns.

Thanks Anthony for your help also. I'll try to get that stuff in the post to you this coming week!
Cheers
laurie

Thanks a heap Laurie and Im glad Tom was able to help you. He was a godsend for me a year or two ago when I needed his help.

Hope the finishing of the site is less eventful

Anthony

A side note, a good idea is to use some other means of logging in to your backend, btw. I've installed the jAuthenticate plugin which blocks access to the default joomla/administrator/ login screen and allows access to the admin page only when you access it through a set path (ie joomla/administrator/?secretPass).

There are probably others out there as well..

Dear Erica,

Could you provide a link to 'jAuthenticate'. I could not find it within the Joomla extension listings.

Thanks,
Ed

Hey Ed,

Sorry, I mis-typed that extension name... did a search and here is the link.

jSecure Authentication Plugin :
extensions.joomla.org/extensions/access-&-security/site-security/5809/details

Dear Erica,

In between my reply post and your response, I found this plugin... WOW! I had no idea this was available and now, OMG what a blessing! Thanks for you follow-up post I'll feel a little safer once I distribute this application across all of my Joomla sites.

Ed

Ed,

Glad I could help! Don't you just love little extensions that make your Joomla life easier and more secure?

Yeah thanks Erica that looks great - I'll definitely be using it on the JB reboot

Thanks Anthony

In order to trick source code snoppers from seeing,
'<meta name="generator" content="Joomla! 1.5 - Open Source Content Management" />'
place the following code string inside your index.php file.

Joomla Bamboo templates:
Right under, '<jdoc:include type="head" />' add this code string and replace 'ANY TEXT HERE' with whatever you wish
In other non Joomla Bamboo templates you'll need to use the following code string
Finally, you'll have to play around with the placement of the last code string. In some templates it works above the <head> calls while others need it in between the <head>.

If placed correctly inside your index.php file you'll now see;
<meta name="generator" content="ANY TEXT HERE" />

Hope this helps anyone out... It's a must do on every Joomla install I do!

Ed

Awesome thanks Ed - just made this topic a sticky I think its pretty handy

Yep, thankyou very much Erica and Ed! This one goes straight into my bag of tricks no questions asked

I have a Joomla site that was recently hacked as well. It's definitely going around! Even though the other sites I've built are not Joomla, I'm upgrading the security on all of them. I was able to restore the Joomla site and change all the admin & user login info, and I was planning to change the administrator login link as well. It sounds like the plugin you mention here will work well for that.

I'm using the Max Biz template and need to upgrade the site from Joomla 1.5.5 to the current version 1.5.12. Should I just follow the standard Joomla upgrade instructions, or is there anything specific I need to take into account with this template?

Hi Kristin,

Sorry to hear that

Yes standard upgrade is fine with MaxBiz.

Good luck with it.

Anthony

some other suggestion also never send any information such as hosting or administrator username and password through yahoo email account
its happened with 1 of my client's site
i was though since my clients is my friend, so i can send him every information regarding to his site through yahoo mail
someday, i saw his email account keep spamming , and i still didnt pay attention on that. until after a few days later, i realized that someone has deface his site

Ouch sorry to hear that Robyn but it's certainly a good point.

Anthony