Support

Akeeba Backup for Joomla!

#20479 Spam using Akeeba name as author

Posted in ‘Akeeba Backup for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Akeeba Backup version
n/a

Latest post by nicholas on Friday, 11 July 2014 07:27 CDT

Thursday, 10 July 2014 20:13 CDT

user65798
EXTREMELY IMPORTANT: Please attach a ZIP file containing your Akeeba Backup log file in order for us to help you with any backup or restoration issue. If the file is over 2Mb, please upload it on your server and post a link to it.

Description of my issue:
Nicholas,

FYI Some spam merchant is posting spam blogs on my site with the author name Akeeba Support
I have deleted all 25 of them except the one below FYI.

Num Title Contributed In Featured Published Frontpage Auto Posting Category Author
1 Dating Services Site Wide Published Not Available Uncategorized Akeeba Support 2014-07-10 09:49:15 1 All 5
Preview
The message in the post said
Dating Services
Posted by escortservice on Thursday, July 10, 2014
Buy Sex Toys for Men
- A sexual firefighter knows how to extend his hose!

Not something either of us would be interested in having associated with our name.

As you know I am a novice and have obviously left a door open somewhere in my blogging section that allows these bastards to get in. This is my problem - I am just writing to you FYI as the name Akeeba Support is used as the author.

Cheers

Friday, 11 July 2014 01:49 CDT

nicholas
Hello John,

I see that in the past you had created a user account for me to log in and help you with your site. I told you that once I am done you should deactivate that user account. It seems like you didn't. You need to do that now. Apparently someone else guessed the password and uses it to log in to your site and post spam.

Even though this is technically generic Joomla! support and outside the scope of our support services, I am going to outline the procedure for you.

Log in to the back-end of your site.
Click on Users, User Manager from the top menu
Above the name column there is a "Search" text box. Enter Akeeba in there and click the magnifying glass icon next to it.
You will see the user account you had created for me. Click on it.
Click on the "Assigned user groups" tab.
Make sure the only selected user group is "Registered"
Click on Save (NOT save & close!)
The page reloads {see note 1}.
Click on the Account Details tab.
Set the "Block this User" option to "Yes"
Click on Save & Close

Note 1: If saving resulted in a 403 error, please follow the steps below, then retry the user deactivation process above.

Go to Components, Admin Tools
Click on Web Application Firewall
Click on Configure WAF
Find the "Disable editing backend users' properties" and set it to No
Click on Save & Close

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 11 July 2014 06:51 CDT

user65798
Many many thanks for your kind and comprehensive advice.

After you told me (and reminded me) of the user name scenario of long ago...I immediately went and simply deleted that user from the user section---thinking that would resolve the issue? That simple action did not do the job I thought it would do.

I will now follow the detailed instructions and hope/expect that that will resolve the situation.

Really appreciate your "extra mile" assistance.

Cheers

John Loty

Friday, 11 July 2014 07:27 CDT

nicholas
Yes, deleting the user will of course fix this issue. I guess I could have told you. There was too much blood in my caffeine stream, I guess :)

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!