If you’ve tried to visit in the last week, you may have been greeted with a gray page informing you of my website’s temporary demise. Unfortunately, the problem occurred just two days after I left the country on vacation.
What happened was this: Someone managed to get access to my Joomla installation on another domain! They were trying to use the mail server to send out phishing attempts.
Luckily, Bluehost’s tech support and abuse teams managed to find the issue and deactivate my websites.
Unfortunately, I was off across the ocean and didn’t see what happened for almost an entire week.
Now, I’ve posted about the importance of keeping your CMS up to date for security purposes, but it seems like this vulnerability exists in all versions of Joomla from 1.012 to 1.5.x. Any php.ini file needs to have register_globals turned OFF. Frankly, I wouldn’t recommend Joomla to anyone.
I set it up for my very first website – and its a mistake I regret to this day some two years later.
While Joomla has a lot of potential, it seems like the project is over-extended and over-reaching. Security is what takes the hit when they add so many options with such a limited team to offer support and updates.
Some people are using Joomla and loving it – but a lot of us were hit in the first week of June with an exploit that’s practically as old as the internet.
So what now? Well, all of my Google SERPs are gone. Since my business relies on that to generate revenue, it may be a while before I can get back the traffic I need to make any money online. One week of vacation is going to end up costing me weeks or even months worth of income.
Oh well, at least we had a good time – before we got back home.
As great as it is to be able to walk away from your websites and continue serving traffic, it can be a nightmare when you walk away and everything falls down. Its important to have an eye on your sites if you’re counting on the cash flow, so maybe next time I’ll buy a laptop before I try to go. Unfortunately, this could hurt my ability to relax – but I wouldn’t say I’ve been relaxed since the exploit was discovered and the account got shut down! In that sense, the constant access would be more for peace of mind.