Solved

Joomla sites I have created have got a rouge user registering.....I don't know how they got registered....HELP!!

Posted on 2008-10-29
3
447 Views
Last Modified: 2013-11-30
Something quite scary has happened.
I have developed a number of Joomla sites over the last 3 years.
I have just received about 6 emails from various sites telling me that a user has registered on these sites.
I have my email registered as the web administrator so I would receive these emails.
The BIG concern is:
These sites DON"T have a user login section so I don' t know how this person has become registered!!
There is NOTHING from the front end that allows a user to register.
The sites are all hosted on various servers so they are not all from one host.
The same username and password has been issued throughout so it appears as though one person has been tampering in the backend of my site.
I am really scared.
Can someone help shed some light as to what is going on?
TIA
0
Comment
Question by:Amanda Watson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 4

Accepted Solution

by:
NetcastersDesign earned 300 total points
ID: 22836737
This has happened to hundreds of Joomla websites over the last couple of days.  This seems to only effect Joomla 1.1x versions.  The user "margarittaes@free250host.com" It's just a spam bot.

If you wish to secure your sites, unpublishing the user registration page is simply not enough.  You will need to disable user registration.  Simply delete the user from the database and make that change in the configuration.

I also recommend updating your Joomla to the latest version. http://www.joomla.org/download.html

This has happened to about 9 of my own sites, so I am doing the same thing.  Just take a deep breath and make sure you are keeping your sites up to date.
0
 
LVL 15

Assisted Solution

by:MMDeveloper
MMDeveloper earned 200 total points
ID: 22836963
disabling registration via the global configuration will stop it, unless you've hacked up the registration process in a manner that allows registration. That and if you require activation for each account, if someone had been registered, they still couldn't log into their accounts without supplying a valid email address, reading the email, and clicking on the activation link.
0
 
LVL 11

Author Closing Comment

by:Amanda Watson
ID: 31511457
Phew, what a relief...Thank you very much!!
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to remove a section of the main menu from Magento 1.9.3 3 33
Problems with VPN 4 28
CentOS 7 wireless 2 36
How do I Import CSV File In my PHP Application 29 22
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
This article discusses how to implement server side field validation and display customized error messages to the client.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question