0

Today I found that many of the Joomla websites on my server have been hacked.

  • Some of the hacked Joomla sites had been updated to the latest version (the last version of the 2.5 series).
  • In many cases, the main index.php was hacked (not the index.php of their templates).
  • Not ALL the Joomla sites were hacked.
  • The hosting control panel is DirectAdmin.
  • CentOS's root password, DirectAdmin's admin password and the main reseller's password are strong enough.
  • For each Joomla site, all users' passwords were changed.
  • For one of the sites, the whole images folder was completely deleted.

The hacker might have left some backdoors for himself.

This had happened previously, but it hadn't occurred for a very long time (more than a year).

What should I do to make my server strong enough? Is that very common?

I think that it's now a problem of the server, not a problem of each Joomla site.

smhnaji
  • 619

1 Answer

-1

These are some tips for your solution

Security tips:

  • Change the SSH port from 22 to another one.
  • In the DA control panel, log in at Admin Level -> Administrator Settings -> Blacklist IPs for excessive DA login attempts. Set it to a value smaller than 10.
  • Change your MySQL administration password and limit other users.
  • Do not use the same password for your SSH, DA, etc.
  • An antivirus is a good choice to block hackers.
  • If you have iptables on your CentOS, be sure that your configuration is strong.
  • Shared hosting has lots of defects, and you have to monitor and check processes sometimes.

Although maybe this is a Joomla security problem!

absfrm
  • 29
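
A read-only triage pass for the symptoms described in the question (rewritten main index.php files, possible leftover backdoors), added here as an example and not part of the original thread. It assumes DirectAdmin's usual /home/USER/domains/DOMAIN/public_html layout; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added triage example (not from the original thread).
# Assumption: DirectAdmin-style docroots, /home/USER/domains/DOMAIN/public_html.

# Prefix each path read from stdin with a reason label.
tag() { while IFS= read -r f; do printf '%s\t%s\n' "$1" "$f"; done; }

# scan_docroot DOCROOT [DAYS]: print "reason<TAB>path" for PHP files to review.
scan_docroot() (
    root=$1 days=${2:-7}
    # Joomla's images/ tree holds media only, so any PHP file there is suspect.
    find "$root" -type f -path '*/images/*' -name '*.php*' | tag php-in-images
    # PHP files changed inside the window (e.g. a rewritten main index.php).
    find "$root" -type f -name '*.php' -mtime "-$days" | tag recently-modified
    # Common obfuscated-loader shape: eval() wrapped around a decoder call.
    find "$root" -type f -name '*.php' -exec grep -lE \
        'eval[[:space:]]*\([[:space:]]*(base64_decode|gzinflate|str_rot13)[[:space:]]*\(' \
        {} + | tag obfuscated-eval
)

# scan_all [HOME_BASE] [DAYS]: scan every site docroot under HOME_BASE.
scan_all() (
    for d in "${1:-/home}"/*/domains/*/public_html; do
        if [ -d "$d" ]; then scan_docroot "$d" "${2:-7}"; fi
    done
)

# make_sample: build a constructed sample tree and print its HOME_BASE.
make_sample() (
    base=$(mktemp -d) && d=$base/alice/domains/example.test/public_html
    mkdir -p "$d/images"
    echo '<?php /* untouched site file */' > "$d/configuration.php"
    touch -t 202001010000 "$d/configuration.php"            # old mtime
    echo '<?php eval(base64_decode(""));' > "$d/index.php"  # constructed marker
    echo '<?php /* dropped file */' > "$d/images/logo.php"
    echo "$base"
)

# Usage: sh scan.sh /home 7    (try it offline with: scan_all "$(make_sample)")
if [ "$#" -gt 0 ]; then scan_all "$@"; fi
```

A hit is a file to review by hand against a clean copy of the same Joomla release, not proof of compromise; sites that were not flagged still need their credentials and extensions checked.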