Portal Home > Knowledgebase > Articles Database > Issue with joomla stories folder
Issue with joomla stories folder
| Posted by tetrahost, 08-15-2013, 08:33 AM |
| Hey! i believe many people is having issue with joomla /images/stories folder where some php files are being upload by hacker and using them to ddos server. I am trying to find a solution. If anyone have it, please let me know.
I believe we can stop this by creating a mod_sec rule which will not allow php file execution from specifically following "/images/stories/" location. Is there anyone who can help me with creating such rule?
|
| Posted by Kailash12, 08-16-2013, 01:56 AM |
| The best practice to avoid such problem:
[1] Keep your Joomla up-to-date
[2] Assign only required files/folders permissions
[3] Run PHP as a user instead of Apache/nobody user
[4] Disable PHP, perl, python script execution for your upload/image directories using .htaccess. In most cases these directories do not require executing any script. You can create .htaccess with following to disable it:
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
Options -ExecCGI
[5] Keep your Joomla plugins,components,themes up-to-date
Though this will not secure your website 100% but these are the preventive measures you should take...
|
| Posted by Dr_Michael, 08-16-2013, 04:29 AM |
| Which Joomla version do you use?
|
| Posted by tetrahost, 08-16-2013, 04:38 AM |
| Joomla 1.5
|
| Posted by Dr_Michael, 08-16-2013, 04:42 AM |
| Which version exactly 1.5.?
|
| Posted by bune, 08-21-2013, 04:46 PM |
| Upgrading to Joomla version 3.1 and setting right permissions should be sufficient
|
Add to Favourites 
Print this Article
Also Read
Shared Hosting
Shared Hosting
