Leaked! Confessions of a Joomla DEV



Prevention is better than cure. This is no exception with security and the Joomla Operating system. It's not a matter of IF your websites will be attacked, but only a matter of WHEN they will be attacked. The question is, are your websites prepared to withstand the onslaught, or are they a malicious script field day case study where the doors and windows are left wide open?

As an introduction, Paul will look at the foundations of server and script security and various tips and tricks to harden your Joomla instance against possible attacks. This talk will provide practical steps you can apply to immediately beef up the security of your current Joomla instance. Secondly, he will discuss the practical steps you need to follow if you wake up one day and the unthinkable has happened. This talk is a must for beginner and intermediate Joomla users, and the old-timers can also join to make sure all leaked information is accurate.

Never say never, and welcome to the resistance!

Additional Info
Presenter: Paul van Jaarsveld
Category: Joomla

Published in: Technology

  1. Leaked! Confessions of a Joomla DEV. Paul van Jaarsveld, Kalemanzi Media Solutions, @kalemanzi
  2. Overview
     ● Hackin 'n crackin (Why, who, what?!)
     ● Prevention
     ● Cure
     ● Discussions / questions
  3. Why, who, what?
     ● Why do people want to “hack” sites?
     ● Who / what does it?
     ● What do they do?
  4. Defaced – peer recognition
  5. Various forms of attacks
     ● SQL injection – make mysql run malicious commands
     ● Known vulnerabilities of outdated scripts
     ● Poorly designed code
     ● Generic passwords
     ● Denial of Service / slashdot effect
  6. DDOS attacks
  7. Spam with a purpose
  8. Payload
  9. Phishing
  10. Prevention: Your neighborhood
     ● Hosting provider NB!
     ● Rather Apache Linux than Win
     ● Avoid shared hosting
     ● PHP5, CGI not module, register_globals
     ● PHP.ini settings (remote url incl etc.)
     ● mod_security
     ● Htaccess.txt .htaccess
     ● Cpanel, ftp, ssh password etc.
  11. Prevention: Your house
     ● Bricks – Latest Joomla
     ● Domestic workers – extensions bg. check
     ● House contents – user data / content
     ● The windows – what can be seen
     ● The doors / gates – points of entry
     ● Keys! NB. PSWD – what Master key?!
     ● Radio and tv / internet – external / feeds
     ● CCTV / alarm system – Monitor security
     ● Insurance – regular incremental backups
  12. Cracked, now what?!
  13. Recovery Action plan!
     ● Remove site from public_html (rename script - rn public_html public_html_inf)
     ● Change passwords (sql, ftp, cpanel etc.)
     ● Find a backup that was done before infection and keep it handy
     ● Do a comprehensive site audit
     ● Find the source of the infection – use shell script, common sense, versions etc.
     ● Choose recovery strategy:
  14. Strategy
     ● Repair current instance eg. Remove malicious code
     ● Restore clean backup and fix holes
     ● Make site live
     ● Make sure the site is clean!
     ● Have a plan in place for future
  15. Questions
     ● What extensions do you use? Let's make a list right now!
     ● How do you handle your hacked sites?
  16. Welcome to the resistance ;-) Paul van Jaarsveld, Kalemanzi Media Solutions, @kalemanzi
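
A read-only triage pass for the "find the source of the infection" step of the recovery action plan (slide 13), run against the renamed, offline copy of the site. This is an added example, not part of the original slides; the function names, the regex, the `backup.marker` reference file and the assumption that `images/` should hold no PHP are choices made for this example.

```shell
#!/bin/sh
# Added example: triage of a quarantined Joomla docroot. Read-only; deletes nothing.
# Usage: sh triage.sh <quarantined_dir> <reference_file>
#   reference_file: any file last modified at the time of the last known-good backup.

# PHP files modified after the reference file (candidates for injected code).
changed_since() {
    find "$1" -type f -name '*.php' -newer "$2" -print | sort
}

# PHP files where eval() wraps a decoder on the same line. Hits need manual review.
obfuscated_eval() {
    find "$1" -type f -name '*.php' -exec grep -lE \
        'eval[[:space:]]*\(.*(base64_decode|gzinflate|str_rot13)[[:space:]]*\(' {} + | sort
}

# PHP files under images/, which is assumed here to hold uploaded media only.
php_in_images() {
    [ -d "$1/images" ] || return 0
    find "$1/images" -type f -name '*.php' -print | sort
}

# Constructed sample tree so the functions can be tried offline.
make_sample_tree() {
    mkdir -p "$1/images" "$1/components/com_demo"
    printf '<?php echo "ok";\n' > "$1/index.php"
    printf '<?php class DemoController {}\n' > "$1/components/com_demo/demo.php"
    touch -t 202001010000 "$1/index.php" "$1/components/com_demo/demo.php"
    : > "$1/backup.marker"; touch -t 202001020000 "$1/backup.marker"
    # Constructed stand-in for injected code; the string decodes to "test".
    printf '<?php eval(base64_decode("dGVzdA=="));\n' > "$1/images/x.php"
    printf '<?php echo "edited after backup";\n' > "$1/components/com_demo/new.php"
}

if [ "$#" -eq 2 ]; then
    echo "== changed since backup =="; changed_since "$1" "$2"
    echo "== eval wrapping a decoder =="; obfuscated_eval "$1"
    echo "== PHP under images/ =="; php_in_images "$1"
fi
```

Modification times can be reset by whoever planted the code, so an empty "changed since backup" list does not clear the site; comparing the tree against the clean backup remains the stronger check.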