Joomla砍死了.怎么预防? [英] Joomla hacked. How to prevent?
问题描述
好,所以我的一个网站(在joomla上)正像第六次一样被黑...
Ok, so one of my websites ( on joomla) is being hacked like the 6th time...
我不会告诉你任何故事.只有事实:
I won't tell you any stories. Only facts:
首先,我发现模板索引文件中出现了一些外来代码:
Firstly, I found that in template index file appeared some alien code:
<div id='hideMe'> <p>Every person knows the large quan...|...ur cure Viagra <a href="xxxxx">Viagra</a> </div><script type='text/javascript'>if(document.getElementById('hideMe') != null){document.getElementById('hideMe').style.visibility = 'hidden';document.getElementById('hideMe').style.display = 'none';}</script>
然后我在tmp文件夹中找到了一个名为asd.php的文件
Then I found in tmp folder a file named asd.php
我试图对其进行解码,并得到类似以下内容: http://www.codr.cc/97c183
I tried to decode that and got something like: http://www.codr.cc/97c183
这是怎么发生的?黑客如何获得创建文件的权限?所有文件夹的权限为755,文件-644.
How did this happen? How hacker got an access to create a file? All folders perms were 755 and files - 644.
Joomla没有任何不安全的模块,组件或模板. 一切都是最新的.
Joomla doesn't have any unsafe modules, components or templates. Everything is up to date.
我还应该采取什么措施来防止将来的黑客入侵?
What else should I do to prevent future hacks?
推荐答案
第六次未被黑客入侵.您已经被数十种僵尸程序所黑客入侵,并且您的系统已成为后门程序.您删除了感染后,机器人就会将其恢复.
It hasn't been hacked for the 6th time. You have been hacked by dozens of bots and your system is backdoored. You remove the infection and a bot will just restore it.
发生这种情况是因为您的软件已过期.
This happened because your software is out of date. It likely some plugin or even joomla its self is very old.
如何防止这种情况?好了,您可以查找系统强化指南,并且其中有很多.无论如何,您都需要从头开始.完全重新安装焦土风格的joomla及其所有组件.确保新系统上的所有内容都是最新的.
How to prevent this? Well you can look up system hardening guides, and there are a lot of them out there. Regardless, you need to start for scratch. Completely reinstall joomla and all of its components, scorched earth style. Make sure everything is up to date on the new system.
如果您仍然遇到问题,请雇用专业人员.
If you are still having problems, hire a professional.
这篇关于Joomla砍死了.怎么预防?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
