Hi, my site was hacked, now even after blocking auto-registration script post every hour spam, could you help me?

Hi, Kerstin.

Having spam on site doesn't mean it was hacked. It only means that someone is registered (or registering) and posting a spam. It could by done by robots but if you have Captcha enabled then it's not possible... co it could means that someone is registering on your site - a human and post a spam.

You can't do much about it... you may try to install some IP blocking scripts or a king of geoblocks: extensions.joomla.org/extensions/access-...e-access/ip-blocking

Hi Michal

I repeat my prior sentence : < even after blocking auto-registration >
and with Captcha enabled it's happened

So Michal please take a look ok ? is important for us.

Thank you

Hi, Kerstin.

I already took a look when you answered you for the first time.
In your community HUMANS are registering to post spam messages... I provided you with a link where you can find some IP/Geo blockers.

Dear Michal,

I have blocked possibility to register
I have enabled Captcha

They doing what they want!

Please help me solve this problem otherwise I can't continue work with you guys .. is to much troubles for money what you expect

Even I can't delete them!

Hi, Kerstin.

No, you haven't disable register: marketingeros.com/registro prntscr.com/4g8zt2
So they can...

If you're administrator, you can delete ANY account in backend.

This is an overall site issue - not JomSocial. Security of your site or fight with spammers that registering on your site are your concern. I gave you some tips already. That's all we can do. Please, read our Support Policy: www.jomsocial.com/support

You can hire a developer to help you fighting spammers back.

And to make clear: your site WASN"T hacked. Spammers are registering on your site and post spam manually. there wasn't security breach in any JomSocial file.

Nice if you said this,
so please come inside of system and check >

I have blocked possibility to register / self
I have enabled Captcha

but this doesn't work >

And to make clear: yes system was hacked I have confirmed this by my server admin ...

so what now ?

Hi Kerstin,

If you think that your site has been hacked then you need to look at where the hack has occurred. i have logged in and checked the following

1. The version of Joomla you are running has a known security flaw that opens your site up to potential hackers, this security breach was discovered some time ago and you have not taken steps to update Joomla to close the hole
2. Jomsocial has a build in troubleshooter that checks the checksums of all our files so if a hacker has modified a file of ours then this tool will show that. When i just checked, all files from jomsocial are untouched.
3. Jomsocial takes security in our code very seriously and is constantly checking and updating code to make sure we provide a secure product and we believe that we do.

I would recommend that you
1. Patch the holes in your site immediately by updating to the current release of Joomla
2. Strengthen your passwords, the one you have supplied us has a score of 44% this could be improved greatly
3. Look though your server logs and find where they got in, what they did and how they did it. If you don't work this out and and the hacker has placed some code in your site then they may be able to execute it at anytime even after you patch your site.

if you believe that the hack was done though our code please attached the logs showing this. As Michal has said in previous replies, spam and stopping spam at registration is configuration in your site, our product allows for the use of Recaptcha and askimet, there are also many other 3rd party applications that are available for use. They are available but need to be setup by the site administrator.

Site security is the responsibly of the site owner, we are more than happy to assist or advise you about best practices but security of your site is something that you need to manage

Hi Paul,

This become more and more complicate .... is true that joomla is not upgrade
I don't know why in panel control we have massage :
No updates available - You already have the latest Joomla! version, 2.5.19.


... how is possible ? I don't know but I gonna to upgrade system
I happy to heard that: all files from jomsocial are untouched.

So what I have to do is: open for all issues like problems with register, problem with delete users etc new topics ????

This is a lot of time, I can't continue like this ....
really I expect better software and service in this price,
I was your client since years ... but yet we come to limite ... for me is hard decision
... but finally I have a lot of problems, funny communication where you guys,
communication oriented on document me that problem is on client side ...
As result we have a long discussions but no solutions

This is correct ?

Hello Kerstin,

This become more and more complicate .... is true that joomla is not upgrade
I don't know why in panel control we have massage :
No updates available - You already have the latest Joomla! version, 2.5.19.

This is a joomla issue and not related to Jomsocial, Joomla 2.5.19 is not the current version of Joomla for your own sites security you need to update it, if you are unable to update joomla yourself you can find more information here docs.joomla.org/J2.5:Upgrading_from_an_existing_version

So what I have to do is: open for all issues like problems with register, problem with delete users etc new topics ????

Yes, if the issue is not related to your original post you need to create a new topic for each issue, This topic "site hacked" has not been caused by jomsocial and your site being hacked is not related to a registration spam issue. If you need help setting up recaptcha we have a help document here documentation.jomsocial.com/wiki/Enabling_ReCaptcha

This is a lot of time, I can't continue like this ....
really I expect better software and service in this price,
I was your client since years ... but yet we come to limite ... for me is hard decision
... but finally I have a lot of problems, funny communication where you guys,
communication oriented on document me that problem is on client side ...
As result we have a long discussions but no solutions

So far there is not any faults been reported that are bugs, your site being hacked is something you need to look at from the server as i explained in my last reply. Avoiding spam is correct setup of your site and there is documentation in the link above that explains this. We are happy to support outr product and fix any bugs as they are reported but fualts, setup or other items related to Joomla need to be directed to the Joomla support forums, If you posted a support question about Jomsocial they would tell you to ask us, It is the same situation.

We are not trying to avoid your questions and we are happy to help with anything related to our product. Anything that is related to Joomla needs to be addressed to Joomla.