hello gurus, two of my joomla websites have bn hacked, one by amin safi ( a tunisian hacker), the other one by as (unidentiied). pls help out, should i re-upload? even if i do, it might still be vulnerable, what was my shortcomings? help out pls

What version of joomla are you running?

Sorry to hear this, However, more details are required about the hacked sites for u to get any tangible help!

1.) If you're using 1.5, upgrade to 1.7. .
2.) Hire a web security professional to conduct a risk assessment of both sites. . .'cos I'm 90% sure there's a PHP shell in one of your folders. .

thanks for the responses, i used joomla 1.5 for one of the site and 1.6 for the other one. the index pages are blank except that the hackers wrote " hacked by amin safi" and "hacked by as".
whats next?

You have your answers already

Did u bother to read the joomla security docs at all?

so whats d way forward?

Please read this and follow instruction

http://docs.joomla.org/Security_Checklist_7

Theses tips will help:
1.change ur backend login username from Admin to something hard to guess.
2.change ur database default prefix jos_ to another thing u can ask Google how to do it or Pm me.
3.always use the current version of joomla as older versions always contains vulnerablities
4.check the user manager for unusual names and phony registrations and delete them this could be hackers who have gained entrance to ur backend.
Backup! Backup!! Using akeeba pm me on how to do it if u do not know how to do it.
Shadowblaqq.

^^^All these ones are Stories if there's a backdoor hidden in the webserver. .

@ Shadow tnx for the info.@sly wat r d solutions then

quest4$:

@ Shadow tnx for the info.@sly wat r d solutions then

Your answer here

Shadowblaqq:

Theses tips will help:
1.change ur backend login username from Admin to something hard to guess.
2.change ur database default prefix jos_ to another thing u can ask Google how to do it or Pm me.
3.always use the current version of joomla as older versions always contains vulnerablities
4.check the user manager for unusual names and phony registrations and delete them this could be hackers who have gained entrance to ur backend.
Backup! Backup!! Using akeeba pm me on how to do it if u do not know how to do it.
Shadowblaqq.

+

Slyr0x:

2.) Hire a web security professional to conduct a risk assessment of both sites. . .'cos I'm 90% sure there's a PHP shell in one of your folders. .

Before you implement the tips mentioned above, you need to 1st understand how your website/web application got compromised. .This is the 1st step. . .and that takes us to hiring a Web security professional (one who knows the art of log-reading). .That way, he/she can then proffer solutions as to how to get these security gaps closed

schneid:

hello gurus, two of my joomla websites have bn hacked, one by amin safi ( a tunisian hacker), the other one by as (unidentiied). pls help out, should i re-upload? even if i do, it might still be vulnerable, what was my shortcomings? help out pls

Update: recently i had an experience i want to share wi th you guys and that is:Do not install joomla templates,extensions components,plugins and modules from "UKNOWN SOURCES" cos hidden in these freebies can be TROJANS, EXPLOITS, and COMPROMISED CODE.

Shadowblaqq:

Update: recently i had an experience i want to share wi th you guys and that is:Do not install joomla templates,extensions components,plugins and modules from "UKNOWN SOURCES" cos hidden in these freebies can be TROJANS, EXPLOITS, and COMPROMISED CODE.

Exactly, i was just gonn say that. Nothin is totally free.

I totally agree that no site is un hackable, the best thng to do now is to hire an expert, or kindly wipe out the entire installation if u have the backup.