Joomla.org hacked over the weekend
Posted by nathan on 20 Aug 2007 | Tagged as: Tech Stuff.
I have previously talked about my involvement with Joomla!, the most popular open source CMS in the world.
The Joomla! family of sites get a load of traffic–and by a load, i mean, the family of sites is run on three dedicated servers.
Well, this weekend, several of the Joomla! websites were hacked–this included:
joomla.org
help.joomla.org
shop.joomla.org
As you can imagine, this created quite a stir in the community–and created a lot of worries, too, such as, “Is my Joomla! site vulnerable?’
As it turned out, it wasn’t an issue with Joomla! core at all (as is normal when a Joomla! site gets hacked), but was the combination of two things:
1. a faulty custom component used on the shop
2. register globals emulation was on
Each of these three sites which was hacked were all on the same physical server. the other physical servers were not touched.
Pretty interesting little happening on Saturday morning!
All was back up by early Sunday morning. You can read the official core announcement here.
No Comments »