Bummer!
The website of Badian Cebu was defaced!
The above-mentioned website was discovered a month later after doing some surfing ang searching for government related sites created using joomla cms.
The site is probably using an older, un-patched version of joomla, (ie; joomla version 10.12?) I think the attack vector used on this site is most likely sql injection or buggy plugins, mambots, components exposing those exploits.
The sad part is the site seems has not been fixed for more than a month now. The site must be patched and migrated to a secure file. Duh! I don’t know what I’m taking about.
The webmaster’s part must check for file permissions, log file analysis to better curb the problem and backup often.
Glad to see that a lot of Filipinos like me are really involve in Joomla issues!Way to go kababayan!
By: Lester on March 28, 2009
at 8:53 am
thanks for dropping by Lester! I just wonder why until now the site has not been fixed.
By: joomlaguro on March 28, 2009
at 10:00 am
I never trusted Joomla. luckily.
By: PinoyEngine on April 23, 2009
at 3:07 pm
i think joomla cms and other cms as well have security issues including wordpress, it’s a matter of how to keep these setups and installations secure, testing before deploying, patching it well, some users aren’t security savvy or don’t mind at securing all for as long their sites are running.. duh..
By: joomlaguro on April 23, 2009
at 3:15 pm
Luckily, I never trusted Joomla for CMS in every site of mine.
By: PinoyEngine on April 23, 2009
at 3:08 pm
good for you
By: joomlaguro on April 23, 2009
at 3:17 pm