I hate Mondays - hack

downtime hack ogre

Great. I got a call from the provider of the server on which runs today saying that the server had been compromised, and that they were going to have to resinstall it. Seems that an unpatched flaw in a Joomla! component allowed a backdoor to be created which was spamming. My fault - I should have patched Joomla! more often. But, I’m busy. What’s annoying is that even though I can 100% guarantee that the compromise could not have extended beyond a certain defined scope, since SELinux prevents that at the kernel level, the host has insisted on taking a tough line on this - their unshakeable policy says that a completely fresh reinstall is required, and it has to be done today.

Read more →