We use Joomla and K2 for our website. On this page website in the the meta property="og:description" has been hacked and it shows this content="buy zolpidem us zolpidem online... And wo when we post to Facebook we get this text in the description.
Any idea where to look for this text and delete it? I have searched and found the K2 file that pulls the text. I just dont know where the text lives.
Thanks,
John
I just had this happen with Wordpress... in my case deleting and reinstalling the Facebook plugin fixed this particular issue. The strange thing was the FB plugin wasn't modified in any way.
The larger issue was the site had been hacked - which in your case is almost certainly true as well. I'm not familiar with Joomla, but scan the rest of your files/folders for malware or suspicious code (and your site structure for invisible files and folders (beginning with a '.'), possibly reinstall your files, check your htaccess file to make sure nothing has been added, check the registered users on the site -- any suspicious admins? -- and change your passwords.
In other words, this is a symptom of a greater problem, and not the problem itself.
Here is what I did. I had the hosting copy run a grep to search on my web data for the string containing the malicious text.
Once we found the files I used clean PHP files from another Joomla instal to overwrite the hacked files.
The hacked PHP file was pulling a string of malicious text from a text file named value(s)
I then backed-up the website and installed another layer of security called Admin Tools. The Pro version cost money but could be used on as any websites as I needed.
Related
My website files got corrupted and lost all the backup files somehow. Can any one please suggest the process to download entire site.
Its a simple html site. Once after downloading how can I host it ?
Please help
You can't use a regular crawler because the contents served have the original links, so you get out of the first page immediately when you're crawling it if you don't rewrite the links: in the browser they are rewritten with a client-side script to point back to the Wayback Machine.
If it's simple html, like you mentioned, and very small you might want to save the pages manually or even copy the contents by hand to a new website structure. If it's not small, then try the tools mentioned in the answers to this similar question in superuser: https://superuser.com/questions/828907/how-to-download-a-website-from-the-archive-org-wayback-machine
After downloading it you may have to check the structure of the files downloaded for links that may have been incorrectly rewritten or for missing files. The links that point to files that belong to the website should be local links and not external ones. Then you can host it again on a web hosting service of your preference.
I had to copy relevant files from an existing joomla application to a fresh joomla installation. After doing that, some plugins and modules that were working properly on the old installation aren't on the new installation. e.g
I have {chronoforms}Contact_Us{/chronoforms} that is meant to display a contact form, instead if justs echos {chronoforms}Contact_Us{/chronoforms}.
I also have {module _Story_Player} that is meant to display a allvideoshare video but instead just echos {module _Story_Player}
When i access the backend to view these plugins, i get a 500 - An error has occurred with xml missing note, eg, for chronoforms, i get The file chronoforms.xml could not be found although I have all the necessary files copied to the right location.
I have looked through jooomla forums and other resource sites but havent found any pointers so far.
The simplest thing to do would be to re-install the software, as it appears you've missed the relevant configuration files for those plugins (you've probably also missed other files media, language etc).
Chronoforms on JED.
All Video Share on JED
Most good extensions have no problem being installed over an existing or partial installation so you shouldn't encounter any problems.
As #Riccardo Zom, mentions re-installing will also make sure the extensions are properly registered with Joomla! for menus, ACL e.t.c.
What about "Extension Manager" > "Discover" - isn't that supposed to be used in such cases?
I developed and I am now supporting a Joomla 1.5. It appears that it was hacked recently with: MW:SPAM:SEO (http://labs.sucuri.net/db/malware/malware-entry-mwspamseo). I have looked at the directory structure (using FTP) and I have discovered a folder called: 'f42ad68b3fb9cdd940d9eacc861791aa' in libraries\joomla\session\storage. What is this folder used for? I never used it when I developed the website.
The default files within libraries\joomla\session\storage are:
acp.php
database.php
eaccelerator.php
index.html
memcache.php
none.php
xcahe.php
Extensions installed should not manipulate any core Joomla files and store anything within the core folders. there is there are any, delete them for security reasons.
The majority of files notied above are for sessions and cache For more information on sessions, please read: php.net/manual/en/intro.session.php
As for solving hacking in the future, I answered a question not long ago which explains some things you can do and recommended extensions.
Joomla! 2.5.4 Hacked: Having trouble with diagnosis
I've had a cope of attacks from this malware. In my case it seems to have entered through an image slide plugin ( for joomla 2.5).
For want of a better approach I downloaded the whole site and serched for
t='';}}x[l-a]=z;}document.write('<'+x[0]+' '+x[4]+'>.'+x[2]+'{'+x[1]+'} ');}dnnViewState();
This is the malware code string as per the sucuri scan of the site. There was one instance of this in a javacript script, which when removed produced a clean bill of health for the site according to the the sucuri scanner.
I would not lightly delete a whole folder of files, particularly as this malware has a small footprint - only 1 line of javascript.
I know this thread is well out of date but perhaps others are still having problems. My infections occurred around Feb 2013
I did a cPanel move of a Joomla 1.5 website and a PHPBB3 forum from one server to another, and when the DNS changes kicked in all I see is a blank page. The administrator panel works without any problems whatsoever. cPanel works. Website and forum (which is separate from the website) are both blank.
I have then manually downloaded and then uploaded all files (didn't move the databases manually), and some files wouldn't upload because of 555 file permissions. I changed the permissions to 777 temporarily to overwrite the file with the manually uploaded one. So all files are now the same as they were on the old server.
Even when I turn the Site Debugging on, the screen is blank.
There is no hidden index.html or default.html file which could be causing the problem.
The entire account was moved with cPanel so it's the same on the old server and the new server. The hosting provider reports no problems. The DNS changes kicked in two days ago.
PHP is working, as this link works: http://oklade.net/findpath.php
In configuration.php, there is nothing specifically pointing to the old site.
var $dbtype = 'WeboMySql';
var $host = 'localhost';
All roads in these cases generally lead to configuration.php Check spelling and punctuation for mistakes. Also, enable one of the default Joomla Templates to be sure that whatever template you're using isn't also using old values.
Problem is solved.
The configuration.php file was to blame, as everyone suggested, but there was no possible way to change it manually and get it right, I had to make the system determine its own configuration.
I installed a fresh version of Joomla in a separate folder, and a fresh version of PHPBB3 in a separate folder.
Then I took the configuration.php and config.php files for those two things and put them in the existing folders of the website which didn't work.
Changed the minor details such as database prefixes (as I couldn't have entered the existing ones while installing), and that's it. Now it works.
So this might be a good workaround for anyone facing the same problem. Install a dummy version of Joomla and use the generated configuration.php file for the old, non-functioning website.
Before starting to debug the server, turn debug-mode on (in the admin CP)
First thing I would try is to delete the cache by running: rm –rf /var/www/html/<your website directory>/var/cache/*
The next thing I would try is to switch to another template - make sure that the template is not the issue.
Also, make sure to check the apache access log - just in case. also, you can check .htaccess for stuff like 301 redirect rules or any other problematic configuration (same applies for httpd.conf and configuration.php)
Good luck!
For about 12 years I've been working on a couple different web sites in Dreamweaver or even wayback in Homesite. That said, I've gotten very comfortable with the traditional set up of URLS with definite structures where you can logically follow the directory set-up and it was very clear how to program the relative/absolute links and more. I would either FTP the files through in Dreamweaver or would use some kind of Management Console. Recently I took a new job to help on a web site that currently lives and was built using Joomla. I'm looking to see if there is a way to get this entire site on my Hard Drive so I can work on it locally and then upload as pages are finished, or at the very least find out how best to work with this site.
Joomla has many things about starting a page from scratch, but I'm really trying my best to investigate a site that's already developed and find ways to make the necessary adjustments and take inventory of everything that's on the site. Any help would be much appreciated.
Thanks.
In order to administer a site in Joomla, there is no need to have any files locally. You can add, edit, and delete pages all through the administrative back end of the website. The entire site is built based on the query string of the URL. The string determines which component is displaying the content and which content to display.
There is really only one page in a Joomla site, the index.php file in the current template directory. Every page is built using that page. The only time you would need to modify that page is when there is a structural change in the site. Even then, if the template is well coded it should have various module positions available for use that collapse when they are not in use. This allows you to have a 3 column layout on one page and a 2 column layout on another simply by adjusting which modules display on a particular page.
I would highly recommend reading some tutorials before messing around with editing any files. Here are a few decent resources:
http://www.virtuosimedia.com/dev/php/joomla-administration-explained-a-joomla-15-admin-tutorial
http://www.joomlashack.com/tutorials
http://docs.joomla.org/Beginners
Part of the purpose of Joomla is to be able to manage the content of a website without requiring local copies of all the pages. So what you are asking sort of defeats the purpose of using Joomla in the first place. To do what you ask you would have to get an offline copy of the entire website, uninstall Joomla, and then upload your "static" copy. I would predict that the end result would be a web site that is very hard to maintain.
If you really really want to do this you could use a website copy tool like HTTrack. It supposed to be used to copy a website so you can browse offline, but the end result is what you are looking for: a local copy of the website.