i discovered there spam-like text appearing on header , footer of of site pages. first got email customer describing it, noticed google has indexed of pages spam in meta-description, , saw issue when loaded administrator login screen.
i ran grep on server search of keywords , found way directory: /libraries/joomla/session/
inside these have 2 cryptically named directories (30ish hexidecimal characters). inside 1 of these have on 200 files (without file extensions) again long hexidecimal names. opened 1 in text editor , contains viagra ads of site modules legitimate text in there well.
wondering how proceed this. first, these folders , files for? can safely deleted? or have legitimate purpose have become corrupted? site crash if start deleting them? also, provided can clean up, best way prevent happening again. have site shopping cart installed , user login sessions, worried cause issue in cart or login form if start doing things arbitrarily here.
i'd appreciate replies spell out me as possible not versed administration of site or server.
appreciate here.
i ran grep on server search of keywords , found way directory: /libraries/joomla/session/
inside these have 2 cryptically named directories (30ish hexidecimal characters). inside 1 of these have on 200 files (without file extensions) again long hexidecimal names. opened 1 in text editor , contains viagra ads of site modules legitimate text in there well.
wondering how proceed this. first, these folders , files for? can safely deleted? or have legitimate purpose have become corrupted? site crash if start deleting them? also, provided can clean up, best way prevent happening again. have site shopping cart installed , user login sessions, worried cause issue in cart or login form if start doing things arbitrarily here.
i'd appreciate replies spell out me as possible not versed administration of site or server.
appreciate here.
man sounds have been hacked me, sound reading first line of text (i have never experienced self inserting text headers, far aware clear sign of hack attack). please use forum assistent post asap , add in security section joomla 2.5 section, little more knowledge me at. please read through security check list: http://docs.joomla.org/security_checklist_7. link forum post assistent: viewtopic.php?f=432&t=586336.
Comments
Post a Comment