...

Posts in category Joomla

Joomla > Repair c99madshell hacked site

Jun07
2011 Leave a Comment Written by Scott Rowley

This is information on removing the c99madshell hack that can get into some Joomla 1.5 sites. Most of this content is an original article of News Blog. I was only able to find one portion of this myself before finding their article, kudos and thanks go to them.

If you see the following Joomla error appearing on most Joomla pages including admin section

File Not Found The requested URL was not found on this server
OR
If you have a list of spam links

then your installation has likely been compromised. There is a security bug in Joomla 1.5 allowing a hacker to reset your admin password.

You should take the following steps to get rid of the error message and secure your Joomla:
READ MORE »

Posted in Web Development - Tagged , , , , , , , ,

Joomla > Secure your site with jSecure

Oct27
2010 Leave a Comment Written by Scott Rowley

If you’ve got joomla installed chances are good that you are going to get your site hacked sooner or later. The more security holes you leave up the sooner that is going to be. Here is one tip on closing a particularly obvious security hole. Joomla installs with a /administrator folder for all sites, knowing this a hacker (or anyone familiar with joomla) can go to http://www.example.com/administrator and voila you are at the administrator login page. If they’ve used a few other hacks they will already have reset the administrator login password as well. Here’s how to change how you get to your administrator page:

Download jSecure from the extension repository on joomla.org
(Don’t forget where you download it to)

Log into your administrative section and click on “Extensions”, then “Install/Uninstall”
Click on the Browse button and locate the jsecure file (plgSystemJSecure-1.0.9.zip unless you renamed it or the file has been updated since this post)
Click “Upload File & Install”

You should get a message back stating that the install was successful, now we just need to finish up by configuring it.

Click on “Extensions” again, then “Plugin Manager”
If you don’t see it already type “jSecure” in your filter, then click on “System – jSecure Authentication”.
First off we need to change the key, enter something into the key that you will be able to remember but will not be easily guessable by a hacker.
Next you can change your redirect option to either go to a custom 404 page you have, go to the index page, or remain where it currently is.
Lastly change the “Enabled” radio button from “No” to “Yes” and hit “Save”.

You are all set, from now on when you need to get to your administrator section you will type in http://www.example.com/administrator/?<your_key>

Tagged , , , ,

Joomla > session.save_path error

Oct27
2010 Leave a Comment Written by Scott Rowley

“Cookies do not appear to be enabled on your browser client. You will not be able to install the application with this feature disabled. Alternatively, there could also be a problem with the server’s session.save_path. If this is the case, please consult your hosting provider if you don’t know how to check or fix this yourself.”

Should you run into this problem the issue is likely that the session.save_path setting in php.ini is set to either an incorrect setting, a wrong permission on the folder, or no setting at all. If you have access to the servers php.ini file you can change the setting to something like the following:

session.save_path = /tmp

If you do not however, have access to this file then your next option is to use a .htaccess file (obviously you will then need to hope you are on an Apache server, not Windows/IIS). You can then enter this setting into your .htaccess file and achieve the same result. For instance:

php_value session.save_path "/isp/websites/sites/example.com/docs/tmp"
Tagged , , ,

Joomla > Preview template before going live

Oct27
2010 Leave a Comment Written by Scott Rowley

Simply install/modify the template the way you want it and then specify the template via a URL parameter such as:

Normal Site: http://www.sudobash.net (Note – I’m no longer on Joomla so these links won’t work – you’ll need to do it on your own joomla site(s) )
New Template: http://www.sudobash.net/?template=ja_purity

Then check it out from there. You don’t need to change your template to the “live” one until you are sure its good. Then just change it via the “default” button in the Joomla Templates section like normal.

You may also find it useful to show the templates module locations, this can be done by adding ?tp=1, or if you are doing both it would be something like http://www.sudobash.net/?template=ja_purity&tp=1

Tagged , ,

Be Heard!

Authors needed! Feel like sharing your tech wisdom with the world? We are looking to expand our writer base and would love to hear from you. We need articles on any relevant technology/software/media/howto/etc (Well...lets at least hold to the legal stuff ;)

Just email scott (at) sudobash (dot) net

Corrections? Questions? Comments?

Find an error?
Everything work out great for you?
Have some feedback?
Like to see something added to the article?

PLEASE leave us a comment after the article and let us know how we are doing, or if something needs corrected, improved or clarified.

Thank you!
- The Management

Back to Top