
Prolateral Consulting - Has your Joomla!-Powered Website been hacked and if so, how can you tell?

Has your Joomla!-Powered Website been hacked and if so, how can you tell? A lot of clients have come to us recently only having found out that their website had been hacked when potential customers did a Google search. They found notices about their website saying 'This site may be compromised' or 'This website may harm your computer'. Or you may have received emails from Google AdWords saying your Ad Campaigns have been suspended or site-suspended due to Malware.

Your business doesn’t want visitors to feel at risk when browsing your website as this could impact your company’s reputation. These messages are displayed by Google when they feel a website may have been compromised, either by the placement of spam links or the placement of malware that could harm users' computers. Google displays these messages to protect their users.

There are two ways that you can make your website secure and they are 1) Clean your website/server yourself or 2) Hire a Joomla Security Expert to do it for you.

Just recently we (Prolateral) have seen an increase in Joomla! site hacks due to a vulnerability in the JCE editor, which I’m pleased to say has been resolved in the latest version. It’s worth pointing out that although we have seen an increase in the number of hacks on sites, Joomla! is still a fantastic CMS (Content Management System), and in fact the main reason these sites have been compromised is that its success makes it a good target, and it is also down to the lack of automated patch management in older versions of Joomla!.

So you’re left wondering if you have been affected by this hack? Well, the sure tell-tale sign is to look in your /images folder. If there are PHP files in there then it’s very likely you have suffered from a security vulnerability in JCE. Of course, if you haven’t got JCE Editor installed then this hack is unlikely.

Recovering from the hack can be a little tricky and our advice is to talk to a Joomla! professional (we can help you); however, if you really want to have a go at it yourself then the list below will act as a guide.

- Ensure you have a good backup, hopefully before the hack took place. Akeeba Backup is a really useful tool for this.
- Check for any files that have been added or modified recently and if necessary clean the files up.
- Ensure you are running the latest version of Joomla!, if not then you should patch upgrade
- Upgrade to the latest version of JCE Editor
- Install Admin Tools by the same people that do Akeeba and check the file system security and access rights
- With Admin Tools also purge the sessions and clean the temp directory
- Also worth considering is changing the super administrator ID which by default is always the first account created therefore easy to predict the ID number in the users table of the database. This can be changed also by using the Admin Tools component.
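The /images check and the "files added or modified recently" step above can be scripted. The following Python is an added example, not Prolateral's or Joomla!'s own code; it goes slightly beyond the text by also flagging files under /images whose content contains a PHP opening tag even when the extension looks harmless. The extension list and the 30-day window are assumptions.

```python
import os
import sys
import time

# Extensions commonly handled by the PHP interpreter (assumed list; match it to your server config).
PHP_EXTS = {".php", ".php3", ".php4", ".php5", ".php7", ".phtml", ".phar"}
PHP_TAG = b"<?php"


def walk_files(top):
    """Yield every regular file under top, skipping symlinks."""
    for dirpath, _dirs, names in os.walk(top):
        for name in names:
            path = os.path.join(dirpath, name)
            if os.path.isfile(path) and not os.path.islink(path):
                yield path


def scan_images(site_root):
    """Return sorted (path, reason) findings for PHP code under <site_root>/images."""
    findings = []
    for path in walk_files(os.path.join(site_root, "images")):
        ext = os.path.splitext(path)[1].lower()
        if ext in PHP_EXTS:
            findings.append((path, "php-extension"))
            continue
        try:
            with open(path, "rb") as fh:
                # Whole file is read: a PHP tag may sit after valid image data.
                if PHP_TAG in fh.read().lower():
                    findings.append((path, "php-tag-in-content"))
        except OSError:
            findings.append((path, "unreadable"))
    return sorted(findings)


def recently_modified(site_root, days=30, now=None):
    """Return sorted paths under site_root modified within the last `days` days."""
    cutoff = (time.time() if now is None else now) - days * 86400
    return sorted(p for p in walk_files(site_root) if os.lstat(p).st_mtime >= cutoff)


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, reason in scan_images(root):
        print(f"[images] {reason}: {path}")
    for path in recently_modified(root):
        print(f"[recent] {path}")
```

Pass the web root as the only argument. Modification times can be reset, so treat the recent-files list as a lead and compare against your clean backup as well.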

As further protection for your Joomla site, you should consider installing firewall components such as RS Firewall, which has some cool security features, such as enabling a lock-down that prevents installing/uninstalling of components, modules or plugins, and the ability to restrict access to your Joomla! site based on GeoIP location. To prevent someone brute forcing the password, there is also a Captcha process that kicks in after a specified number of failed attempts, and then even the ability to blacklist the IP address if it continues. Of course, it is highly recommended that you whitelist your own IP addresses first, before you accidentally lock yourself out of your own site.

Prolateral are experts in CMS (Joomla) sites and consultancy. If you have been hacked or you just want to talk to us about securing your Joomla! site then please drop us a line, we would love to hear from you.


About Prolateral

Prolateral Consulting is in business to put your organisation back in control of your own Information Technology, specialising in information and messaging security, computer forensic services, and disaster recovery planning.

Contact Info

Prolateral Consulting Ltd
Luton, Bedfordshire, UK
Tel : +44 (0) 8450 763760
Email : [email protected]

Instant Information request

Please complete the request for information if you wish to discuss matters further or if your needs are more urgent then you can request a call back from us.
