Support

Admin Tools

#13981 injections in index page

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Saturday, 01 December 2012 18:00 CST

Thursday, 01 November 2012 15:08 CDT

user52247
Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? No
Have I searched the tickets before posting? No
Have I read the documentation before posting (which pages?)? No
Joomla! version: 2.5.7
PHP version: 5.3?
MySQL version: (unknown)
Host: www.rockip.com
Admin Tools version: 2.4.1

Description of my issue:
I have utilized admin tools to protect my site www.3dvision.com but continue to experience injections such as this:
 Replica Watches
I have geoblock for all countries but US and I'm catching all kinds of activity in security exceptions. I have bad behaviour initiated and as I said, geoblock. I have an .htaccess file but not the admin tools since I have had trouble with it taking the site off line. I've tried to experiment with .htaccess in my dev environment but no luck yet.
I've read and re-read the admin tools tutorial to try and place the most protection that I can. I have admin password-protected as well as a secret word.
Can you help in determining what else could be wrong? I just had Sucuri Security scan my site and they "hardened" areas that were vunerable.
Thank you

Thursday, 01 November 2012 15:18 CDT

nicholas
I would recommend reading our Unhacking your site walkthrough. You have to first find out where the hack is coming from. For example, if it's coming from a hacking script already installed on your site or installed on another site on the same server (which has write access to your files due to insufficient ownership and/or permissions) then you can't expect Admin Tools or any other security solution to protect you.

The idea is that Admin Tools only protects you from requests coming through Joomla!. Since you are not using the .htaccess Maker it is perfectly possible that an attacker has already uploaded a malicious PHP script and accessing it directly, bypassing Admin Tools. Likewise, if the attacker has infiltrated a site on the same server and he has write access to your files his attack does not go through Joomla!'s files and Admin Tools cannot protect you. That's why you have to first find out where the attack is coming from.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Saturday, 01 December 2012 18:00 CST

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!