Comments on: 10 Reasons Why Your Joomla Website Got Hacked

By: Fadi

Fadi — Fri, 31 Aug 2012 13:08:27 +0000

Hi C.H.,

Fixed – sorry for the oversight. It is important to mention though that if you have a malicious php file on your website, then it might be able to overwrite the .htaccess file even if its permissions are set to 444. (If Apache has full permissions on that folder)

By: C. H.

C. H. — Thu, 30 Aug 2012 06:58:49 +0000

Just a tweak to the page. In #3 you mention .htaccess file permissions and what to change them to. The example provided isn’t correct. May just be a typo, but reckoned I’d post the correct values (as my site looks to have been hit by an .htaccess rewrite and I found it by reading this page):

set your .htaccess permission to 444 (r-xr-xr-x) or maybe 440 (r-xr-x-r-x)

Should read instead:
set your .htaccess permission to 444 (r–r–r–) or maybe 440 (r–r—–)

I set mine to 444 from 644 (rw-r–r–) and the page still worked, so thanks for the tip!

-C.

By: 20 Benefits of Using Joomla | itoctopus

20 Benefits of Using Joomla | itoctopus — Tue, 31 Jul 2012 16:16:50 +0000

[...] We have discussed before, in depth, the reasons why a Joomla website get hacked. [...]

By: NomDeGuerre

NomDeGuerre — Mon, 09 Jul 2012 21:33:05 +0000

You forgot number:

0. Joomla! security sucks!

Never forget that programmers have a 0th finger. ;P

By: Swagato Bhatta

Swagato Bhatta — Sun, 08 Jul 2012 03:08:38 +0000

One more reason why websites get hacked is not having a dedicated security specialist looking after the website (s). Sometimes companies use their developers to also look after the security portion of the site. Same way they use developer for testing too. These are done to reduce the costs. However what one does not realize that doing so may and does result in very bad mistakes down the road!

By: 10 Security Tips for Your Joomla Website | itoctopus

10 Security Tips for Your Joomla Website | itoctopus — Fri, 04 Nov 2011 11:50:50 +0000

[...] article, 10 reasons why your Joomla website got hacked, was well received by our readers (clients and visitors alike). In this post, we want to list the [...]

By: How to Create a Custom Form in Joomla? | itoctopus

How to Create a Custom Form in Joomla? | itoctopus — Wed, 28 Sep 2011 10:13:42 +0000

[...] our clients suffer from vulnerability issues (XSS and SQL injection – which can result in the hacking of the Joomla website) so we had to secure these extension after installing them. It usually takes us 1 day to install a [...]

By: Hacked .htaccess File on Joomla | itoctopus

Hacked .htaccess File on Joomla | itoctopus — Sun, 28 Aug 2011 13:28:34 +0000

[...] are many reasons on why a Joomla website gets hacked, but regardless of the reason, we are always there to help, and as usual, at lightning speed! So [...]

By: Our Joomla Emergency Services | itoctopus

Our Joomla Emergency Services | itoctopus — Wed, 13 Jul 2011 02:04:11 +0000

[...] Their website is hacked: This is usually due to an out-of-date Joomla installation, a weak extension, or some “loose” permissions on the Joomla’s core and/or template files. (Check this list of potential reasons on why a Joomla website is hacked). [...]