1
hunden
Site got hacked
  • 2006/7/4 10:00

  • hunden

  • Just popping in

  • Posts: 23

  • Since: 2005/5/21


Hi!

My portal has been hacked and all pages in admin center are redirected to http://web.1asphost.com/boluk . I checked the XOOPS forums and found out that MyAds is probably the problem. I turned off the module and deleted it.

Now I am trying to find this redirect. Any idea where I should search? Redirect is on every page that is in admin center, modules and everything else too.

Bye, hunden

2
hunden
Re: Site got hacked
  • 2006/7/4 12:42

  • hunden

  • Just popping in

  • Posts: 23

  • Since: 2005/5/21


No help needed anymore!

Decided to drop xoops. After one year of XOOPS I have pretty much enough of it all and decided to go back to html.

The guy who hacked it did pretty nice damage with destroying articles and putting up redirects everywhere. Shame, if I never would have gone for XOOPS and stay with html pages everything would still be ok.

All I can say to newbies is IF you don´t know php or know just little don´t even think about Xoops, Mambo and similar because sooner or later you will be burned with it all. It will take tons of time to get everything to look like you want it and tons of work to make it perfect. When you will think you finally did it one module which you downloaded and installed will be enough for one smart ass to destroy it all.

Bye, hunden

3
Dave_L
Re: Site got hacked
  • 2006/7/4 13:01

  • Dave_L

  • XOOPS is my life!

  • Posts: 2277

  • Since: 2003/11/7


Personally, I wouldn't use XOOPS or other scripts on my site if I didn't know PHP and MySQL.

But your current problem might have been solved by restoring a backup, assuming that you backed up the site regularly.

4
davidl2
Re: Site got hacked
  • 2006/7/4 13:13

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


I would also recommend installing "Protector".

My own site was recently hacked, because of a stupid error I made myself... but thanks to a backup I didn't lose as much as I feared I had.

Needless to say I installed protector straight away - and cursed myself for not doing it earlier

5
MadFish
Re: Site got hacked
  • 2006/7/4 14:33

  • MadFish

  • Friend of XOOPS

  • Posts: 1056

  • Since: 2003/9/27


Quote:
The guy who hacked it did pretty nice damage with destroying articles and putting up redirects everywhere. Shame, if I never would have gone for XOOPS and stay with html pages everything would still be ok.

All I can say to newbies is IF you don´t know php or know just little don´t even think about Xoops, Mambo and similar because sooner or later you will be burned with it all. It will take tons of time to get everything to look like you want it and tons of work to make it perfect. When you will think you finally did it one module which you downloaded and installed will be enough for one smart ass to destroy it all.


I think if you work with the web long enough you are bound to be lose your site sooner or later - maybe through a hacker, a disk crash or your hosting company going out of business. Simple HTML may be safer but a hacker can still wipe out your site by hammering some other hole in the server.

The only way to stay in business is to backup regularly, html or XOOPS doesn't matter.

6
davidl2
Re: Site got hacked
  • 2006/7/4 14:49

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


I've known enough html sites get hacked as well... (especially using IIS .. but that's another story!) ... backups are the only safe thing to do.

7
DIDI5
Re: Site got hacked
  • 2006/7/4 15:00

  • DIDI5

  • Just popping in

  • Posts: 36

  • Since: 2006/3/24


When choosing you provider (if you're not hosting your site yourself)
It is worth asking your future provider if they backup their DATABASE daily.
Most of them does. Your safety is theirs also.
For a small inferior fee they're willing to provide you with a copy of your DB .
Some providers, gives you the options in their package, -if you want a copy of your DB daily or weekly monthly or not at all.

8
davidl2
Re: Site got hacked
  • 2006/7/4 15:02

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


I believe you can get dedicated XOOPS hosts (such as provided at http://www.xtotal.co.uk ... no i'm not getting commision!) who may be able to offer this?

9
msdana
Re: Site got hacked
  • 2006/7/4 15:19

  • msdana

  • Just can't stay away

  • Posts: 817

  • Since: 2005/12/11


My web host performs a backup daily, but let's not forget that XOOPS users can backup the database using the Backup and Restore module in the repository.

Also, there are some inexpensive backup programs available that allow you to backup from an FTP so people can backup web files.

Twice a week, I, myself, do a backup of all my websites databases and burn them to a disc. Also, twice a week(sometimes more) I make a backup of all my web files. This is automated with my backup program when I am sleeping and I burn those files to disc.

I also make a backup of my entire computer system as a responsible computer user should. Computer crashes, server crashes and web hacks can happen at any time to anyone. It doesn't do to blame programs, web hosts, etc -- computer users need to have some responsibility and take the necessary (EASY) precautions.

I like knowing that I can retrieve my own databases and web files in case something happens
[size=x-small]If God is watching us, the least we can do is be entertaining.[/size]
Graphic Worx : Xoops Themes

10
DCrussader
Re: Site got hacked

Quote:

Decided to drop xoops. After one year of XOOPS I have pretty much enough of it all and decided to go back to html.


Heh, year ago I decide the same, HTML is nice, easy... but after few months of searching what to use for my clients, from Notepad Plus to Xaraya, Nukes, Website Bakers, some nullified CMS which pretends to be better then anything else - SubDreamer... I understand that currently there is a only two systems which can be used with ease to build and maintain corporate sites. They are Mambo and XOOPS (as core).

Instead of loosing time with HTML editors such as NotePad Plus :), pick like me, I'm still with XOOPS but with different core :), Ono's XOOPS, make at least one backup per week, do not leave folders (except uploads, templates_c and cache) with 777 permissions, and everything will be fine.

MyADS works fine with 2.0.13.2 from one year, the same (almost) from six months works on 2.0.13a to 2.0.15.

Redirects are simple way of overtaking your root/index and replacing it with index.html - http://www.xoops.org - several months ago. This is possible on Apache 2.0.54 or later with 777 permission on your root folder.

Find sometime and read Apache manuals, there are detailed descriptions of .htaccess and .htpasswd, with a lot of examples for the most insecure CMS - PHPNuke, learn from them, Nukers are hacked, downed and removed each new release, each new untested and unsertificed modules when they install.

For XOOPS there are two security modules, Protector (only if u are paranoic) and Statistics (IBDeeming) 0.60, 0.75.

Saying XOOPS (no matter which core) sux is a big mistake, there is just no replacement for it, I hope as me (or faster) will realize the one thing :

There is a difference between knowing the path and walking the path Neo :)

Here (some times) u can get accurate answer if u are post accurate problem, and sometimes may not got an reply from year, but if u change for example to HTML who will help u, or u are HTML Guru ? hehe, we are only humans, there is no Guru's, masters, even the PHP.org developers makes mistakes.

Or if u pick Nukes, Mambo/Jambo (oops Joomla), Mitra, NS Mamu - yeah 4 forks, the same like XOOPS, who will help u better, the renegade community - Joomla (which with few answers can force u to forget forever about this fork), Mambo - We are borg, prepare to be assimilated, they're answer only to dedicated Mambo users, Mitra - u have to learn Iraqs or NS Mamu - Thai ?

There is no better community from the 3 XOOPS Forks, all together their forums and sites are great and valuable storage of knowledge, and not only to XOOPS related questions/problems.
May The Source Be With You!

Login

Who's Online

331 user(s) are online (263 user(s) are browsing Support Forums)


Members: 0


Guests: 331


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits