News:

You may pay someone to create your store, or you visit our seminar and become a professional yourself with the silver certification

Main Menu

compromised links

Started by ptitcali, May 18, 2012, 13:14:16 PM

Previous topic - Next topic

ptitcali

Hi there

I have a problem which worries me: when I go on the live update page, most of the links are then compromised, linking to custard, online pharma stores and prn websites.

This seems to happen only on the live update website.

I've tried to check .htaccess documents or look for links, it doesn't seem to have anything wrong, so I don't know how this happens.

FYI, I have joomla 2.5.4 and VM 2.0.6 (just upgraded from 2.0.2, the problem was already there)
Thanks for your help...

jenkinhill

Which live update page is that? If the VM live update page then the only link I have is to http://virtuemart.net/downloads/virtuemart-releases/virtuemart-2-0-6/com_virtuemart.2.0.6.tar.gz  (I have VM2.0.7c but have never seen anything other than correct links).

Sounds like you site has been hacked? Are other link pages OK?
Kelvyn
Lowestoft, Suffolk, UK

Retired from forum life November 2023

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

ptitcali

Hi Jenkinhill

I mean, also the links of the menu of Joomla get compromised (Site, user, menu)

It's the only page where it does this, so I've trouble understanding what's going on..

Joomla and VM are both up to date, so I don't know how I would have been hacked... I've checked for things in the DB or the whole website, but couldn't find anything...

ptitcali

links seems fine (if I go on them with the mouse, they show correctly), they just drive to the wrong page.

It was like the .htaccess file was compromised. I've checked it and there's nothing wrong...

jenkinhill

Try on another computer & different browser.
Kelvyn
Lowestoft, Suffolk, UK

Retired from forum life November 2023

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

ptitcali


jenkinhill

Using a different computer rules out malware affecting your browser, so the conclusion must be that there has been a hack of your site. The most recent general attack of servers/sites was with .htaccess redirect but you say that ,htaccess is OK? There is not more than one .htaccess file in root or one elswhere in the installation?  ( http://boardreader.com/thread/Joomla_htaccess_hacked_j0i5Xf45c.html )

You need to do more detective work looking in the database and in the Joomla and VM files.  Note that tyours is the only report I have seen of such an issue.
Kelvyn
Lowestoft, Suffolk, UK

Retired from forum life November 2023

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

ptitcali

Now this is getting really strange...

I've restarted with a clean install, other said:
- erased all data
- erased all DB
- reinstalled a clean Joomla
- reinstalled a clean VM and VM aio
and I get the same

Checked my computer for virus - nothing found.
What else shall I do?

jenkinhill

Did you erase all .htaccess files as well? That is the only possibility left. Apart from your browser cache.
Kelvyn
Lowestoft, Suffolk, UK

Retired from forum life November 2023

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum