FlashLight

Hi Folks,
 
I'm sharing my experiences in hope that it will help another HawkHost user and save them a  lot of time and worry.
 
I have had 4 different Joomla 1.5 sites attacked since January, all with variations of the same hack.
 
According the the Joomla community there has been a spike in these 'Hmei7' attacks since January. I found some info here that might be helpful to others with the same problem:
 
There is info here on how to start the clean up:

http://www.joshpate.com/2013/01/how-to-fix-hacked-by-hmei7-on-joomla-web-site/
http://blog.cripperz.sg/2013/01/12/how-to-fix-hacked-by-hmei7%E2%80%B3-on-joomla-web-site/

Also, once it is cleared up and Joomla updated to 1.5.26 (for those running 1.5) there are three extensions that are useful and cost effective:

JHackGuard (free): protects against common hack attempts.
http://extensions.joomla.org/extensions/access-a-security/site-security/site-protection/13233

AdminToolsPro (small subscription required): adds a firewall and automatically blocks IPs etc.
https://www.akeebabackup.com/products/admin-tools.html

JSecure Lite (free): changes the default Admin login page to something of your choice:
http://extensions.joomla.org/extensions/access-a-security/site-security/login-protection/23080

The last one is particularly useful as after installing AdminToolsPro and setting it up to notify me with failed Admin logins I could see that some sites were getting hammered with password guessing scripts. This dealt with that problem immediately.
 
Hope this helps someone.
 
Thanks.
Andy

Hi Folks,
 
I'm sharing my experiences in hope that it will help another HawkHost user and save them a  lot of time and worry.
 
I have had 4 different Joomla 1.5 sites attacked since January, all with variations of the same hack.
 
According the the Joomla community there has been a spike in these 'Hmei7' attacks since January. I found some info here that might be helpful to others with the same problem:
 
There is info here on how to start the clean up:

http://www.joshpate.com/2013/01/how-to-fix-hacked-by-hmei7-on-joomla-web-site/
http://blog.cripperz.sg/2013/01/12/how-to-fix-hacked-by-hmei7%E2%80%B3-on-joomla-web-site/

Also, once it is cleared up and Joomla updated to 1.5.26 (for those running 1.5) there are three extensions that are useful and cost effective:

JHackGuard (free): protects against common hack attempts.
http://extensions.joomla.org/extensions/access-a-security/site-security/site-protection/13233

AdminToolsPro (small subscription required): adds a firewall and automatically blocks IPs etc.
https://www.akeebabackup.com/products/admin-tools.html

JSecure Lite (free): changes the default Admin login page to something of your choice:
http://extensions.joomla.org/extensions/access-a-security/site-security/login-protection/23080

The last one is particularly useful as after installing AdminToolsPro and setting it up to notify me with failed Admin logins I could see that some sites were getting hammered with password guessing scripts. This dealt with that problem immediately.
 
Hope this helps someone.
 
Thanks.
Andy

Hi Folks,
 
I'm sharing my experiences in hope that it will help another HawkHost user and save them a  lot of time and worry.
 
I have had 4 different Joomla 1.5 sites attacked since January, all with variations of the same hack.
 
According the the Joomla community there has been a spike in these 'Hmei7' attacks since January. I found some info here that might be helpful to others with the same problem:
 
There is info here on how to start the clean up:

http://www.joshpate.com/2013/01/how-to-fix-hacked-by-hmei7-on-joomla-web-site/
http://blog.cripperz.sg/2013/01/12/how-to-fix-hacked-by-hmei7%E2%80%B3-on-joomla-web-site/

Also, once it is cleared up and Joomla updated to 1.5.26 (for those running 1.5) there are three extensions that are useful and cost effective:

JHackGuard (free): protects against common hack attempts.
http://extensions.joomla.org/extensions/access-a-security/site-security/site-protection/13233

AdminToolsPro (small subscription required): adds a firewall and automatically blocks IPs etc.
https://www.akeebabackup.com/products/admin-tools.html

JSecure Lite (free): changes the default Admin login page to something of your choice:
http://extensions.joomla.org/extensions/access-a-security/site-security/login-protection/23080

The last one is particularly useful as after installing AdminToolsPro and setting it up to notify me with failed Admin logins I could see that some sites were getting hammered with password guessing scripts. This dealt with that problem immediately.
 
Hope this helps someone.
 
Thanks.
Andy

Hi,

Elsewhere on the forum it was mentioned that HawkHost will soon be offering PHP 5.3.3 as an option (back in 2010). Is this now an option and if so how do I go about upgrading from 5.2.17?



Thanks.
Andy