Support

Admin Tools

#16421 distributed hacking

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Monday, 17 June 2013 01:34 CDT

Monday, 17 June 2013 01:08 CDT

user6558
Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? No
Have I searched the tickets before posting? No
Have I read the documentation before posting (which pages?)? No
Joomla! version: (unknown)
PHP version: (unknown)
MySQL version: (unknown)
Host: (optional, but it helps us help you)
Admin Tools version: (unknown)

Description of my issue:

My site is kept being hacked every 5 mins with distributed IP from all over the world.
most frequent Reason: Admin Query String

I have enabled the firewall. What else can I do?

Monday, 17 June 2013 01:34 CDT

nicholas
Your site is not being hacked, it's being attacked. There's a big difference :) Hacked means that the attacker made it through. Attacked means that the attacker got blocked by Admin Tools which is now sending you an email to let you know.

Since the attack is coming from a different IP each time you can't and don't have to do anything in particular. Even if the attacker was to guess your Super User username and password they'd still be blocked by Admin Tools. One thing you should have done anyway is making sure that you're not using an easy to guess username (like "admin") and that your password is hard to guess as well. As far as the password is concerned, I recommend using a password manager such as KeePass, 1Password, LastPass and so on to create and securely store a hard to guess password such as a 20 random character password consisting of upper- and lowercase letters, numbers and special characters. Making it harder for your login to be guessed makes it easier to protect your site against these attacks.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!