Mandatory information about my setup:
Have I read the related troubleshooter articles above before posting (which pages?)? yes
Have I searched the tickets before posting? yes
Have I read the documentation before posting (which pages?)? yes
Joomla! version: 1.5.26
PHP version: 5.1
MySQL version: 5.3
Host: rochen
Admin Tools version: 2.2.4
Description of my issue:
I had two accounts hacked on 4/4 on my rochen server Marbella...there are numerous other reported hacks (rochen forum), down sites on that server as well as repeated brute force attacks, and like myself, some have admin tools installed. These hackers go by the name SVU, and even have a boastful facebook page.
In response to tickets this is the "cut and paste" rochen response:
I have applied the IP of the offenders to my "tools blacklist" and have not had issue with them since.
Although, others have been recently hacked. Is there a way to blanket my account using the admin tools blacklist, or to apply a htaccess directive to all accounts (even non-joomla), or better yet...can't Rochan or any server administrator apply a firewall block for the offending IP to stop their continued access?
Thanks for whatever you wish to address...
Have I read the related troubleshooter articles above before posting (which pages?)? yes
Have I searched the tickets before posting? yes
Have I read the documentation before posting (which pages?)? yes
Joomla! version: 1.5.26
PHP version: 5.1
MySQL version: 5.3
Host: rochen
Admin Tools version: 2.2.4
Description of my issue:
I had two accounts hacked on 4/4 on my rochen server Marbella...there are numerous other reported hacks (rochen forum), down sites on that server as well as repeated brute force attacks, and like myself, some have admin tools installed. These hackers go by the name SVU, and even have a boastful facebook page.
In response to tickets this is the "cut and paste" rochen response:
That's normal when an attacker scans blocks/ranges of IPs for vulnerable scripts. That indicates your account has been compromised due to vulnerable scripts under your account, incorrect permissions, or passwords stolen by malware from your local computer(s). I'd recommend that you follow these steps to clean and secure your account:
https://my.rochen.com/index.php?fuse...e&articleId=24
As long as you follow those guidelines on your accounts they won't be compromised, thank you.
I have applied the IP of the offenders to my "tools blacklist" and have not had issue with them since.
Although, others have been recently hacked. Is there a way to blanket my account using the admin tools blacklist, or to apply a htaccess directive to all accounts (even non-joomla), or better yet...can't Rochan or any server administrator apply a firewall block for the offending IP to stop their continued access?
Thanks for whatever you wish to address...
