Path: csiph.com!usenet.pasdenom.info!gegeweb.org!de-l.enfer-du-nord.net!feeder1.enfer-du-nord.net!feeds.phibee-telecom.net!newsfeed.xs4all.nl!newsfeed6.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.012 X-Spam-Evidence: '*H*': 0.98; '*S*': 0.00; 'hosts': 0.07; 'option,': 0.07; 'thats': 0.07; 'python': 0.09; 'coding,': 0.09; 'sep': 0.09; 'template': 0.11; 'charset:iso-8859-7': 0.15; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'guess.': 0.16; 'wrote:': 0.17; 'fix': 0.17; 'received:209.85.214.174': 0.21; 'supposed': 0.21; 'work.': 0.23; 'insert': 0.23; 'header:In-Reply-To:1': 0.25; 'wrote': 0.26; 'am,': 0.27; 'guess': 0.27; 'message- id:@mail.gmail.com': 0.27; 'options': 0.27; "doesn't": 0.28; 'post': 0.28; 'search.': 0.29; 'usually': 0.30; 'code': 0.31; 'to:addr:python-list': 0.33; 'received:google.com': 0.34; 'received:209.85': 0.35; 'but': 0.36; 'subject:Please': 0.36; 'received:209': 0.37; 'far': 0.37; 'subject:: ': 0.38; 'easier': 0.38; 'some': 0.38; 'instead': 0.39; 'to:addr:python.org': 0.39; 'received:209.85.214': 0.39; 'called': 0.39; 'header:Received:5': 0.40; 'end': 0.40; 'your': 0.60; 'further': 0.61; 'dedicated': 0.61; "you'll": 0.62; 'assistance': 0.63; 'subject:One': 0.65; 'subject:. ': 0.66; 'yourself,': 0.75; "else's": 0.84 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; bh=N+/TzCk1zW9a+VdT4ChpktBJ3XqfAmUIKiwDUw4XEMs=; b=wDCkKcTNaaO4Mz6LX0HKYVZYf6TgcTWPriAZ1lA6b5MGZ9/F960Rtzmcl4dqiW8llf KRvXkur06LHJSDcgD7GWfLRDtPYevG43NQT5jLm/ZeHHGc/65ef/UbQyhdRypOLCm9P+ +3y2TsaouKjL97EWsgd6xWPrJAunvvONUPwAR9h13Px0uTuCm67D+0O8kUu7+SR8ZiEU IfN4ByHEDD1UYdmG5H/MTtt/VB2OQO6UFMoQrLuCzPe/r8iMhERsjFuX6j1T08vnCk05 v5yV9x2GA4hExHcXsNx3+GBXjlNwT0G3MYXD8GDSR2TPfpyR1102sH52AzYdaNjiob5K cVXQ== MIME-Version: 1.0 In-Reply-To: References: <079f4b21-93f4-450b-9112-21b2faa19ed3@googlegroups.com> <505db890$0$29981$c3e8da3$5496439d@news.astraweb.com> Date: Sun, 23 Sep 2012 00:57:38 +1000 Subject: Re: One of my joomla webpages has been hacked. Please help. From: Chris Angelico To: python-list@python.org Content-Type: text/plain; charset=ISO-8859-7 Content-Transfer-Encoding: quoted-printable X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 25 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1348325861 news.xs4all.nl 6937 [2001:888:2000:d::a6]:45934 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:29755 On Sun, Sep 23, 2012 at 12:44 AM, =CD=DF=EA=EF=F2 =C3=EA=F1=E5=E5=EA wrote: > But how am i supposed to fix this vulnerability if i don't know which one= is it? > > My guess is they used joomlas template to insert arbitrary code but thats= just a guess. The answer to that is a thing called "research", and you'll usually find a lot of it at the other end of a web search. Also, you may want to look into what it means to be a web site administrator. It doesn't simply involve throwing down some code that someone else wrote and expecting it to work. If you want a web site without having to manage it yourself, consider a blog instead - someone else hosts it and worries about security, and you just post your content to it. It's a far FAR easier option, as long as what you want can be shoehorned into someone else's layout design. Neither of these options involves any Python coding, so if you want further assistance with them, I recommend looking for a forum dedicated to the technology you use. ChrisA