Last post 1 hour 15 min ago

Posts last week 82

Average response time last week 34 min

All time posts 68047

All time tickets 10515

All time avg. posts per day 20

Helpdesk is open from Monday through Friday CET

Please create an (free) account to post any question in the support area.

Please check the development versions area. Look at the changelog, maybe your specific problem has been resolved already!

All tickets are private and they cannot be viewed by anyone. We have made public only a few tickets that we found helpful, after removing private information from them.

#1615 – infected file appeared

Posted in ‘sh404SEF’

This is a public ticket. Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Wednesday, 06 January 2016 12:13 UTC

simond3c

I have sh404sef v4.7.2 and a file has appeared in \components\com_sh404sef\sef_ext\blog.php which contains compromised/infected code. Please can you advise how this security issue can be prevented?

I have attached the file which is zipped and renamed to blog.ph_p

Regards,
Simon De'Ath

Wednesday, 06 January 2016 13:48 UTC

wb_weeblr

Hi

It seems your server is indeed infected by malware. The usual procedure then is to clean up all such infected files you can find, which can be tricky, as hackers will most likely have disseminated such infected files all throughout your site.

A better method is often to wipe out the server, and restore from a known good backup.

Joomla has a documentation page that can be a good resource: https://docs.joomla.org/Security_Checklist/You_have_been_hacked_or_defaced

Lastly you can hire a specialist, which will take appropriate steps to clean and secure your server. myjoomla.com is a well known such service for instance.

Hope this helps,

Best regards

This ticket is closed, therefore read-only. You can no longer reply to it. If you need to provide more information, please open a new ticket and mention this ticket's number.