Skip to Content Skip to Menu

🌟 CB Editor Assistant 1.0.0 is here! Discover our new AI Joomla Plugin that wrote its story! (and this banner!)
Start at just $12.50/month* or 💸 save 30% with our 🛍️ Black Friday Intro Offer for your subscription's lifetime
Grab It Now!
🎉 Black Friday sale is here! Great savings on professional and developer memberships! Get 25% off now with code BLACK-FRIDAY-2024!

Registered users able to post to configuration.php file!

11 years 7 months ago #225956 by ippon_solutions
Registered users able to post to configuration.php file! was created by ippon_solutions
Hi,

Our website got hacked earlier this week, and I've just been going through the log files. In the logs I've seen that 'people' have registered, then made a POST request to my configuration.php file; and can only assume they were able to edit the file.

My configuration:

I'm unable to move the configuration.php from the webspace due to hosting restrictions.
Last week I updated all file permissions to 644, and folder permissions to 755.
I did have CB 1.8 installed up until about 5min ago, and have just upgraded to 1.9.

The CB users appear to have be added as 'Registered' users, so am surprised they can post to the webspace.

Is this a CB issue, or something wider that I need to reslove?

TIA

Please Log in or Create an account to join the conversation.

11 years 6 months ago #226272 by ippon_solutions
Replied by ippon_solutions on topic Registered users able to post to configuration.php file!
Any ideas?!

Thanks

Please Log in or Create an account to join the conversation.

  • nant
  • nant
  • OFFLINE
  • Posts: 12339
  • Thanks: 1467
  • Karma: 877
11 years 6 months ago #226303 by nant
Replied by nant on topic Registered users able to post to configuration.php file!

ippon_solutions wrote: Any ideas?!

Thanks


Doesn't sound like anything related to CB.

If your site was hacked you need to understand how.

There are paid services (third party) that can help you.

Not sure what more we can offer here.
--
Nick (nant)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Tutorials + Search the forums
For more add-ons and support: Upgrade your membership
Links: Community Builder - Languages - Adv/Pro/Dev membership - CBSubs Paid Subscriptions - GPL Templates - Hosting

Visit my CB Profile - Send me a Private Message (PM)

Please Log in or Create an account to join the conversation.

Moderators: beatnantkrileon
Powered by Kunena Forum