Joomla – Beez template hacked!

What’s the issue?

In recent months we have detected a growing number of Joomla websites that use the Beez template and have been hacked. So much so that we would advise against using this template at all.

The hacker or worm is able to create or modify a file within your template through the use of cross-site scripting (XSS). It then uses this file to send out spam messages, such as fake emails that appear to be from PayPal, LinkedIn, etc., and to affect other systems. It then uses your website as a “gofer” to pass information on to the hacker.

What to look for!

Locate your Beez template folder. Within this folder there will be a randomly generated file or files that were not part of the original template. The most common names detected so far are:

  • wps.php
  • i.php
  • del.php

However, they can be absolutely anything. If you are using the Beez Joomla template and are unsure if your website has been compromised, drop us a message.
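One way to carry out this check, as an added example that is not part of the original post: the script below compares your live Beez folder against a clean copy of the same template unpacked from the official Joomla package for your version, and lists files that were added, modified or removed. The function names and the demo files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): diff a live template folder
# against a clean copy of the same template from the official Joomla package.

# audit_template CLEAN_DIR LIVE_DIR -- prints one finding per line:
#   ADDED <path>     only in the live folder (e.g. a dropped wps.php)
#   MODIFIED <path>  content differs from the clean copy
#   MISSING <path>   present in the clean copy, gone from the live folder
audit_template() {
    clean=$1
    live=$2
    (cd "$live" && find . -type f | LC_ALL=C sort) | while IFS= read -r f; do
        if [ ! -f "$clean/$f" ]; then
            echo "ADDED ${f#./}"
        elif ! cmp -s "$clean/$f" "$live/$f"; then
            echo "MODIFIED ${f#./}"
        fi
    done
    (cd "$clean" && find . -type f | LC_ALL=C sort) | while IFS= read -r f; do
        [ -f "$live/$f" ] || echo "MISSING ${f#./}"
    done
}

# demo: builds two small constructed trees and audits them.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/clean/html" "$tmp/live/html"
    printf '%s\n' '<?php /* original index */' > "$tmp/clean/index.php"
    printf '%s\n' '<?php /* module chrome */' > "$tmp/clean/html/modules.php"
    cp "$tmp/clean/html/modules.php" "$tmp/live/html/modules.php"
    # Constructed stand-ins for a tampered file and a dropped file
    printf '%s\n' '<?php /* original index + extra line */' > "$tmp/live/index.php"
    printf '%s\n' '<?php /* not in the package */' > "$tmp/live/wps.php"
    audit_template "$tmp/clean" "$tmp/live"
    rm -rf "$tmp"
}

# Usage: sh audit.sh <clean template dir> <live template dir>
# With any other argument count, the constructed demo runs instead.
if [ "$#" -eq 2 ]; then
    audit_template "$1" "$2"
else
    demo
fi
```

The clean copy must come from the same Joomla version as the live site, otherwise legitimate update changes will show up as MODIFIED.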

Why does it happen?

Lots of web developers (ourselves included) like using open source technology such as Joomla and WordPress, and out of the box they are quite robust. However, they are at risk from hackers, bots and worms if:

  • They are not kept updated regularly
  • You install poorly developed third party plugins
  • You install poorly developed third party templates

The trouble is the “Average Joe” user will not know the difference between what is poorly coded and what is good. They also rarely carry out updates to their main OS platform. This is one of the main reasons you should hire a professional web designer for business websites.

How can you fix it?

Clearly something’s gone wrong if you have been affected. You’re not going to like it, but the only real way to guarantee a safe website is to start again.

  • Backup everything
  • Wipe everything
  • Set new complex passwords – for everything (FTP, MySQL DB, OS Install, Email Accounts, etc.)
  • Install the latest version of Joomla (or other OSS)
  • Code up a new template (ensuring it is protected against XSS threats)
  • Double check third party plugins you install. Better still, do not install them!
  • Lock the system down and only give access to those you trust

Should our clients be concerned?

No! We don't use template themes for websites we build; all our framework themes / templates are bespoke and built as "once off" designs for our clients.

If your website is for business use, then you may wish to use a dedicated server; if you’re on a shared package, there is an additional risk that other sites can affect yours.
