Broad direction sought... - Joomla! Forum - community, help and support


[Reposting this; I'd accidentally popped it in the J2.5 security forum earlier, and it's a J3.x question...]

hey there-

I'm seeking broad advice on something. Had the site hacked, and have been repairing ... plenty of stuff still, such as upgrading 3.4 to 3.4.1. (I was still on 3.3.6 when it happened, and updating isn't fixing things so far...)

Here's what's happening -- using an actual site example:

So, I have this article:

*official* link:
http://www.theskanner.com/news/northwest/22727-mcmenamins-ufo-festival-features-betty-and-barney-hill-s-story


Works fine... but I noticed (or rather Google noticed) that as long as I leave the article id (22727) in the URL, I can still call the web page without having Joomla throw a 404. Example(s):

* http://www.theskanner.com/22727  (article text article id 22727 comes @ bottom)
* http://www.theskanner.com/22727junk  (same..)
* http://www.theskanner.com/junk/22727junk  (same)
* http://www.theskanner.com/morejunk/22727morejunk.html (same)


Any suggestions on actions I might take for this specific problem? (And/or specific files to maybe run a diff off of, compared to the official Joomla files on GitHub -- maybe the com_content router??) I have broad ideas, but hoped someone might have a real "yep, here" type reaction.

best,
-jim

PS: I've included the FPA info below, and I know it points to a few other issues, but I'm interested in this one, as it's causing me a problem w/ Google. I'm planning on getting to 3.4.1, of course, but I'm not sure if that's going to lick the problem, since 3.3.6 --> 3.4.0 didn't kill this. Still, FWIW, here's that part:

forum post assistant (v1.2.4) : 15th may 2015 wrote:
basic environment :: wrote:joomla! instance :: joomla! 3.4.0-stable (ember) 24-february-2015
joomla! platform :: joomla platform 13.1.0-stable (curiosity) 24-apr-2013
joomla! configured :: yes | read-only (660) | owner: root (uid: 1/gid: 1) | group: webadmin (gid: 1) | valid for: 1.5
configuration options :: offline: 0 | sef: 1 | sef suffix: 0 | sef rewrite: 1 | .htaccess/web.config: yes | gzip: 0 | cache: 1 | ftp layer: 0 | ssl: 0 | error reporting: none | site debug: 0 | language debug: 0 | default access: n/a | unicode slugs: n/a | database credentials present: yes

host configuration :: os: linux | os version: 3.19.1-x86_64-linode53 | technology: x86_64 | web server: apache | encoding: gzip, deflate | doc root: /var/www/html | system tmp writable: yes

php configuration :: version: 5.4.16 | php api: apache2handler | session path writable: yes | display errors: | error reporting: 22527 | log errors to: | last known error: | register globals: | magic quotes: | safe mode: | open base: | uploads: 1 | max. upload size: 12m | max. post size: 12m | max. input time: 60 | max. execution time: 30 | memory limit: 128m

mysql configuration :: version: 5.5.41-mariadb (client:mysqlnd 5.0.10 - 20111026 - $id: e707c415db32080b3752b232487a435ee0372157 $) | host: --protected-- (--protected--) | collation: latin1_swedish_ci (character set: latin1) | database size: 3069.73 mib | #of tables:  112
detailed environment :: wrote:php extensions :: core (5.4.16) | date (5.4.16) | ereg () | libxml () | openssl () | pcre () | zlib (2.0) | bz2 () | calendar () | ctype () | hash (1.0) | filter (0.11.0) | ftp () | gettext () | gmp () | spl (0.2) | iconv () | reflection ($id: 6c4d8062369898a397e4b128348042f5c01b4427 $) | session () | standard (5.4.16) | shmop () | simplexml (0.1) | sockets () | mbstring () | tokenizer (0.1) | xml () | apache2handler () | curl () | dom (20031129) | fileinfo (1.0.5) | gd () | json (1.2.1) | exif (1.4 $id$) | mcrypt () | mysqlnd (mysqlnd 5.0.10 - 20111026 - $id: e707c415db32080b3752b232487a435ee0372157 $) | mysql (1.0) | mysqli (0.1) | pdo (1.0.4dev) | pdo_mysql (1.0.2) | pdo_sqlite (1.0.1) | phar (2.0.1) | posix () | sqlite3 (0.7) | sysvmsg () | sysvsem () | sysvshm () | tidy (2.0) | wddx () | xmlreader (0.1) | xmlwriter (0.1) | xsl (0.1) | zip (1.11.0) | mhash () | zend opcache (7.0.4fe) | zend engine (2.4.0) |
potential missing extensions :: suhosin |

switch user environment (experimental) :: php cgi: no | server su: no | php su: no | custom su (litespeed/cloud/grid): no
potential ownership issues: maybe

apache modules :: core | mod_so | http_core | mod_access_compat | mod_actions | mod_alias | mod_allowmethods | mod_auth_basic | mod_auth_digest | mod_authn_anon | mod_authn_core | mod_authn_dbd | mod_authn_dbm | mod_authn_file | mod_authn_socache | mod_authz_core | mod_authz_dbd | mod_authz_dbm | mod_authz_groupfile | mod_authz_host | mod_authz_owner | mod_authz_user | mod_autoindex | mod_cache | mod_cache_disk | mod_data | mod_dbd | mod_deflate | mod_dir | mod_dumpio | mod_echo | mod_env | mod_expires | mod_ext_filter | mod_filter | mod_headers | mod_include | mod_info | mod_log_config | mod_logio | mod_mime_magic | mod_mime | mod_negotiation | mod_remoteip | mod_reqtimeout | mod_rewrite | mod_setenvif | mod_slotmem_plain | mod_slotmem_shm | mod_socache_dbm | mod_socache_memcache | mod_socache_shmcb | mod_status | mod_substitute | mod_suexec | mod_unique_id | mod_unixd | mod_userdir | mod_version | mod_vhost_alias | mod_dav | mod_dav_fs | mod_dav_lock | mod_lua | prefork | mod_proxy | mod_lbmethod_bybusyness | mod_lbmethod_byrequests | mod_lbmethod_bytraffic | mod_lbmethod_heartbeat | mod_proxy_ajp | mod_proxy_balancer | mod_proxy_connect | mod_proxy_express | mod_proxy_fcgi | mod_proxy_fdpass | mod_proxy_ftp | mod_proxy_http | mod_proxy_scgi | mod_systemd | mod_cgi | mod_php5 | apache |
potential missing modules :: mod_security | mod_evasive | mod_dosevasive | mod_ssl | mod_qos | mod_userdir |
folder permissions :: wrote:core folders :: images/ (770) | components/ (770) | modules/ (770) | plugins/ (770) | language/ (770) | templates/ (770) | cache/ (770) | logs/ (770) | tmp/ (770) | administrator/components/ (770) | administrator/modules/ (770) | administrator/language/ (770) | administrator/templates/ (770) |

elevated permissions (first 10) :: layouts/ (770) | layouts/joomla/ (770) | layouts/joomla/searchtools/ (770) | layouts/joomla/searchtools/default/ (770) | layouts/joomla/searchtools/grid/ (770) | layouts/joomla/toolbar/ (770) | layouts/plugins/ (770) | layouts/plugins/user/ (770) | layouts/plugins/user/profile/ (770) | layouts/plugins/user/profile/fields/ (770) |
extensions discovered :: wrote:components :: site :: wf_mediaplayer_jceplayer_title (2.4.6) | wf_link_search_title (2.4.6) | [youtube] (2.4.6) | wf_aggregator_vine_title (2.4.6) | wf_aggregator_vimeo_title (2.4.6) | wf_filesystem_joomla_title (2.4.6) | wf_popups_jcemediabox_title (2.4.6) | wf_popups_window_title (2.4.6) | wf_links_joomlalinks_title (2.4.6) | wf_charmap_title (2.4.6) | wf_searchreplace_title (2.4.6) | wf_source_title (2.4.6) | wf_link_title (2.4.6) | wf_style_title (2.4.6) | [do not buy our kitchens!] (2.4.6) | wf_visualblocks_title (2.4.6) | wf_xhtmlxtras_title (2.4.6) | wf_fontsizeselect_title (2.4.6) | wf_article_title (2.4.6) | wf_styleselect_title (2.4.6) | wf_print_title (2.4.6) | wf_browser_title (2.4.6) | wf_directionality_title (2.4.6) | wf_inlinepopups_title (2.4.6) | wf_formatselect_title (2.4.6) | wf_table_title (2.4.6) | wf_imgmanager_title (2.4.6) | wf_contextmenu_title (2.4.6) | wf_fontselect_title (2.4.6) | wf_textcase_title (2.4.6) | wf_visualchars_title (2.4.6) | wf_anchor_title (2.4.6) | wf_clipboard_title (2.4.6) | wf_fontcolor_title (2.4.6) | wf_spellchecker_title (2.4.6) | wf_nonbreaking_title (2.4.6) | wf_preview_title (2.4.6) | wf_layer_title (2.4.6) | wf_fullscreen_title (2.4.6) | wf_lists_title (2.4.6) | wf_autosave_title (2.4.6) | wf_media_title (2.4.6) | wf_cleanup_title (2.4.6) | wf_caption_title (2.1.0) | com_mailto (3.0.0) | com_wrapper (3.0.0) |
components :: admin :: com_messages (3.0.0) | com_finder (3.0.0) | com_joomlaupdate (3.0.0) | com_modules (3.0.0) | com_media (3.0.0) | com_tags (3.1.0) | system - jumi router (2.0.6) | jumi (3.0.1) | system - jumi (3.0.4) | com_jumi (3.0.3) | com_config (3.0.0) | com_content (3.0.0) | com_checkin (3.0.0) | com_templates (3.0.0) | com_redirect (3.0.0) | com_cpanel (3.0.0) | com_login (3.0.0) | admintools (3.4.3) | com_newsfeeds (3.0.0) | com_search (3.0.0) | com_xmap (2.3.4) | jfbconnect (6.1.1) | system - jfbcsystem (5.0.1) | authentication - jfbconnect fa (5.0.1) | sourcecoast extensions library (2.1.1) | sclogin (3.0.2) | user - jfbconnect facebook (5.0.1) | content - jfbccontent (5.0.1) | com_weblinks (3.0.0) | com_users (3.0.0) | com_scriptmerge (0.9.20) | com_categories (3.0.0) | com_cache (3.0.0) | com_languages (3.0.0) | com_installer (3.0.0) | com_menus (3.0.0) | jce (2.4.6) | unknown (-) | akeeba (4.1.2) | com_banners (3.0.0) | com_admin (3.0.0) | com_contenthistory (3.2.0) | com_postinstall (3.2.0) | gantry (4.1.28) | com_plugins (3.0.0) | com_ajax (3.2.0) | roksprocket (2.1.0) |

modules :: site :: mod_users_latest (3.0.0) | mod_search (3.0.0) | mod_random_image (3.0.0) | rokajaxsearch (2.0.3) | mod_footer (3.0.0) | jfbcrequest (5.2.0) | mod_articles_category (3.0.0) | mod_articles_archive (3.0.0) | jfbcsharedialog (5.2.0) | mod_login (3.0.0) | mod_banners (3.0.0) | mod_related_items (3.0.0) | jfbcsharedactivity (5.2.0) | scsocialwidget (6.0.4) | mod_feed (3.0.0) | mod_stats (3.0.0) | jumi (3.0.1) | mod_breadcrumbs (3.0.0) | mod_tags_popular (3.1.0) | jfbcfollow (5.2.0) | jfbcfan (5.2.0) | roksprocket module (2.1.0) | mod_articles_latest (3.0.0) | jfbcfeed (5.2.0) | mod_wrapper (3.0.0) | mod_syndicate (3.0.0) | mod_whosonline (3.0.0) | jfbcsend (5.2.0) | jfbcrecommendationsbar (5.2.0) | mod_custom (3.0.0) | jfbcfriends (5.2.0) | mod_languages (3.0.0) | jfbcembeddedposts (5.2.0) | sclogin (4.2.4) | mod_finder (3.0.0) | mod_weblinks (3.0.0) | roknavmenu (2.0.7) | mod_articles_news (3.0.0) | mod_articles_categories (3.0.0) | vs image rotator (1.0.2) | jfbcrecommendations (5.2.0) | mod_tags_similar (3.1.0) | jfbccomments (5.2.0) | mod_articles_popular (3.0.0) | scsocialstream (6.1.1) | jfbcsocialshare (6.0.4) | jfbclike (5.1.0) | mod_menu (3.0.0) |
modules :: admin :: mod_akadmin_title (3.8.2) | mod_toolbar (3.0.0) | mod_latest (3.0.0) | mod_version (3.0.0) | mod_stats_admin (3.0.0) | mod_login (3.0.0) | mod_submenu (3.0.0) | mod_popular (3.0.0) | mod_feed (3.0.0) | mod_multilangstatus (3.0.0) | mod_quickicon (3.0.0) | mod_status (3.0.0) | mod_custom (3.0.0) | mod_title (3.0.0) | mod_logged (3.0.0) | mod_menu (3.0.0) |

plugins :: site :: authentication - jfbconnect (6.1.0) | plg_authentication_ldap (3.0.0) | plg_authentication_cookie (3.0.0) | plg_authentication_joomla (3.0.0) | plg_authentication_gmail (3.0.0) | social profiles - joomla (6.1.0) | social profiles - custom db (6.0.0) | plg_content_emailcloak (3.0.0) | plg_content_pagenavigation (3.0.0) | plg_content_pagebreak (3.0.0) | plg_content_vote (3.0.0) | plg_content_finder (3.0.0) | content - jfbccontent (6.1.0) | plg_content_joomla (3.0.0) | plg_content_emailcloak (3.0.0) | content - rokinjectmodule (1.6) | plg_content_loadmodule (3.0.0) | plg_extension_joomla (3.0.0) | system - jumi router (2.0.6) | plg_system_sef (3.0.0) | plg_system_cache (3.0.0) | plg_system_languagecode (3.0.0) | plg_srp_title (4.1.2) | system - roksprocket (2.1.0) | manage.myjoomla.com secure plu (n/a) | system - gantry (4.1.28) | system - rokextender (2.0.0) | plg_system_highlight (3.0.0) | system - admin tools joomla! u (1.0) | plg_system_p3p (3.0.0) | system - admin tools update em (1.0) | plg_system_redirect (3.0.0) | plg_system_languagefilter (3.0.0) | system - jfbcsystem (6.1.0) | plg_system_debug (3.0.0) | plg_system_log (3.0.0) | system - 1 click action (2.1) | plg_system_backuponupdate_titl (3.7) | plg_sys_scriptsdown (1.17) | system - admin tools (3.4.3) | system - jumi (3.0.4) | plg_system_logout (3.0.0) | system - rokcommon (3.1.10) | plg_system_remember (3.0.0) | plg_captcha_recaptcha (3.4.0) | plg_finder_tags (3.0.0) | plg_finder_content (3.0.0) | plg_finder_weblinks (3.0.0) | plg_finder_categories (3.0.0) | plg_finder_newsfeeds (3.0.0) | plg_finder_contacts (3.0.0) | plg_search_tags (3.0.0) | plg_search_content (3.0.0) | plg_search_weblinks (3.0.0) | plg_search_categories (3.0.0) | plg_search_newsfeeds (3.0.0) | plg_search_contacts (3.0.0) | plg_twofactorauth_yubikey (3.2.0) | plg_twofactorauth_totp (3.2.0) | open graph - content (6.1.0) | open graph - custom object (6.0.0) | plg_editors-xtd_readmore (3.0.0) | 
plg_editors-xtd_pagebreak (3.0.0) | plg_editors-xtd_article (3.0.0) | plg_editors-xtd_image (3.0.0) | plg_quickicon_jcefilebrowser (2.4.6) | plg_quickicon_extensionupdate (3.0.0) | plg_quickicon_joomlaupdate (3.0.0) | plg_quickicon_akeebabackup (1.0) | plg_user_contactcreator (3.0.0) | plg_user_joomla (3.0.0) | user - jfbconnect social integ (6.1.0) | plg_user_profile (3.0.0) | xmap - content plugin (2.0.4) | plg_installer_akeebabackup (1.0) | plg_installer_admintools (1.0) | plg_installer_webinstaller (1.0.5) | plg_jmonitoring_akeebabackup_t (1.0) | plg_editors_codemirror (4.12) | plg_editors_tinymce (4.1.7) | editor - rokpad (2.1.8) | plg_editors_jce (2.4.6) |
templates discovered :: wrote:templates :: site :: protostar (1.0) | beez3 (3.1.0) | skanner (1.0.0) |
templates :: admin :: hathor (3.0.0) | isis (1.0) |
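
An added example, not part of the original thread: one way to measure how often the alternate URLs described in the post are actually being served is to scan the web server access log for 200 responses whose last path segment starts with a known article ID but whose path is not the official link. The log lines, client addresses and the `CANONICAL` map are constructed for illustration; only the article path comes from the post.

```python
import re
from urllib.parse import urlsplit

# Official path per article ID (constructed map; the one entry is the post's article).
CANONICAL = {
    22727: "/news/northwest/22727-mcmenamins-ufo-festival-features-betty-and-barney-hill-s-story",
}

# Constructed Apache-style access log lines; addresses are documentation ranges.
SAMPLE_LOG = """\
203.0.113.5 - - [15/May/2015:10:00:01 +0000] "GET /news/northwest/22727-mcmenamins-ufo-festival-features-betty-and-barney-hill-s-story HTTP/1.1" 200 5120
203.0.113.9 - - [15/May/2015:10:00:07 +0000] "GET /22727 HTTP/1.1" 200 5120
203.0.113.9 - - [15/May/2015:10:00:09 +0000] "GET /22727junk HTTP/1.1" 200 5120
198.51.100.4 - - [15/May/2015:10:01:12 +0000] "GET /junk/22727junk HTTP/1.1" 200 5120
198.51.100.4 - - [15/May/2015:10:01:15 +0000] "GET /morejunk/22727morejunk.html?x=1 HTTP/1.1" 200 5120
198.51.100.7 - - [15/May/2015:10:02:00 +0000] "GET /99999junk HTTP/1.1" 404 310
198.51.100.7 - - [15/May/2015:10:02:03 +0000] "GET /junk/22727 HTTP/1.1" 301 0
"""

REQUEST_RE = re.compile(r'"(?:GET|HEAD) (\S+) HTTP/[\d.]+" (\d{3}) ')
LEADING_ID_RE = re.compile(r"(\d+)")


def find_alias_hits(log_text, canonical):
    """Return (article_id, path) for every 200 served on a non-official path."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if not match or match.group(2) != "200":
            continue  # only successful responses count as served duplicates
        path = urlsplit(match.group(1)).path  # drop any query string
        last_segment = path.rstrip("/").rsplit("/", 1)[-1]
        id_match = LEADING_ID_RE.match(last_segment)
        if not id_match:
            continue  # last segment does not start with an article ID
        article_id = int(id_match.group(1))
        official = canonical.get(article_id)
        if official is not None and path != official:
            hits.append((article_id, path))
    return hits


if __name__ == "__main__":
    for article_id, path in find_alias_hits(SAMPLE_LOG, CANONICAL):
        print(f"article {article_id}: 200 served on alternate path {path}")
```

Once the alternate paths answer with a 404 or a 301 to the official link, the same scan over fresh logs should return an empty list.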

First make the corrections to the website, and after that update it. You can install the OSE Secure™ Joomla! extension for the best security of the website.




