Joomla Help | Joomla Support Company | Joomla Consultants | Joomla Experts | UK
The Heartbleed Bug

The last couple of days have seen a lot of press attention about the 'Heartbleed Bug', a compromise in Internet privacy & security that affects websites hosted on the Apache and Nginx web servers, used by many leading website hosting companies including ourselves. (More details on the Heartbleed Bug can be found below.)

‘The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.’

Source: http://heartbleed.com/

  • Heartbleed bug creates confusion on internet - 10 April 2014
  • Heartbleed: Do you need to worry? - 10 April 2014
  • Tech firms urge password reset - 09 April 2014
  • Scramble to fix huge security bug - 08 April 2014

Like everyone else involved in the Internet and Internet security we are still coming to terms with some aspects of this particular bug.

Our advice: stay calm - there is no sign so far (anywhere on the internet) of large scale exploitation of this bug to compromise servers. As far as we know legitimate security researchers were the first to find this and not hackers. That being said - the implications of the bug are serious.

Below we have some information for our current customers about the steps that are being taken by ourselves and our providers to ensure the safety and security of your data. Please rest assured that all is in hand and we will be in touch with further updates should the situation change.

If you are not currently one of our clients and you are looking for help / advice with your own websites, hosting or servers please contact us via the contact form visible when clicking this next link - or directly using the telephone number at the top of this page.

Our Providers

Our providers have patched all of their own infrastructure and generated new SSL certificates for control panels and associated technologies.

Our Shared Hosting

Our shared hosting - which you utilise - is safe. Very few clients on shared hosting use their own SSL certificates, so there is little risk there. There are some 'shared SSL certificates' used so that images and other resources can be shown from a 'secure' URL - useful, for example, if you want Paypal to show your logo on their secure checkout page, which Paypal host - but the implications here are minimal.

Our High Capacity, High Availability Hosting

Our servers, like two thirds of the internet, were running the vulnerable version of the OpenSSL library. Once word of the vulnerability started to leak out, we found out about the exploit quickly and had all of our servers patched and the appropriate services restarted very quickly. By close of business on Tuesday all of our servers were secured. Like everyone else we are evaluating next steps including advising clients on the need to update passwords.

Word is spreading of a need to change all passwords on all accounts you use across the internet - this will include your 'Hosting control panel', email, ftp, and database user accounts. This step is precautionary - there is no evidence that such info has been compromised.

We recommend that you take steps to change as many of these as you can, and contact us for help to change any that are outstanding.

For Shared Hosting

Please log into: http://customer.deanmarshall.co.uk/ with your current username and password in order to effect the changes.

  • Control panel and ftp passwords: can be changed from the right hand side bar.
  • Database passwords: from within 'Web Tools' -> 'MySQL Databases'
  • Email accounts: from within 'Email' -> 'Mail boxes' (if your email is hosted elsewhere no action is needed here)

High Capacity Hosting

  • CPanel Password: Preferences -> Change password
  • Email Accounts: Mail -> Email accounts -> alongside each account click change password
  • Main ftp account: uses your CPanel password - so is updated if/when you change that
  • Additional ftp accounts: Files -> FTP Accounts -> alongside each account click change password
  • Databases: Databases -> MySQL databases -> Scroll down to list of Database Users -> click on each in turn -> enter new password twice

Please bear in mind - that changing passwords on email accounts and ftp will leave you unable to connect until you place the new passwords into software on your computers.
Changing database passwords will leave your site inoperable until relevant configuration files are updated.

In closing - there is no evidence that this bug has been exploited in the wild. Our systems are now safe and changing passwords is a precaution in case anything was compromised prior to the fix.

How can we be sure that nothing has been compromised? The long and the short of it is that we can not - no-one can. The exploit in question leaves no trace, no evidence in log files, no visible sign anywhere. Although the nature of the bug itself would leave no evidence of exploitation - large scale compromises tend to get boasted about and proof, in the form of thousands of passwords, posted online. To date there is no evidence of any such thing.

I hope that the information is of use.

Dean
--
Dean Marshall
Managing Director

 
Joomla Pharma Hack Introduction

The pharma hack is a black hat SEO hack whereby legitimate websites are exploited with the aim to make money by promoting pharmaceutical products, typically pharmaceuticals such as Viagra and related erectile dysfunction treatments (regalis, cialis, tadalafil, etc) - unbeknownst to the legitimate site owner or operator. The pharma hack is known to target many different systems and is perhaps most widespread amongst Wordpress websites - but it is also quite prevalent among Joomla websites leading to the phenomena of

Often the first thing the operator of the website knows about the hack is when someone reports that the site's Google search results are hijacked and showing descriptions mentioning Viagra or other pharmaceuticals. Variations of this hack also promote payday loans, casinos and gambling, software downloads or pornography.

One of the biggest problems when informing website owners and operators that their site is the victim of a pharma hack, is that the site continues to display as normal to most visitors - only degrading later as further exploitation gets more aggressive.

This is a form of 'parasite hosting' and is one of the worst forms of 'black hat' Search Engine Optimisation. In fact many people regard this as beyond the limits of black hat SEO and call it out for what it actually is, plain illegal hacking.

In this series of articles we will look at:

  • the process - how do the hackers do the pharma hack
  • why do they do the pharma hack
  • how can you prevent your site hosting Viagra products
  • how can you check if your website is hosting Viagra products
  • and how to fix/clean/repair/de-hack/remove the pharma hack from your website

Continue reading an Introduction to the Pharma hack
 
How To Fix the Pharma Hack

This is a follow-on article from our instructions on 'how to tell if you are the victim of the Pharma hack' article. We assume here that you have already verified that your site has been hacked and you are now looking for information on how to clear the hack and recover your site to its previous clean state.

Please bear in mind that de-hacking / cleansing a website from any hacking incident is a complex process and if you have not done this before you are best advised to retain the services of someone with experience of de-hacking / cleansing websites from hacks such as the pharma hack.

Click the link below to go to our Joomla de-hack form

Continue reading How to Fix the Pharma Hack
 
How To Tell If Your Site is Hacked with The Pharma Hack

In a previous article we have detailed what the Pharma hack is and provided some background information on how the process works and even some information that can be used to cleanse your site and 'fix the pharma hack'.  Whilst our particular expertise is providing support and security help to people running Joomla websites many of our skills are transferable and can be used to help you no matter what system powers your website.

Five quick ways to tell if your site is a victim of a pharmaceutical hack (pharma hack)

In this article I'm going to show you how to check whether your site has been compromised and is being used to display pharmaceutical products. One of the most difficult aspects of this kind of website hack is that it is invisible to the site owner / operator. Sometimes we discover hacked sites because they are linked to from other sites we have identified as being hacked. Trying to tell a website owner their site is hacked when all they see is their normal website is difficult.

If you have been directed to this page by our team under these circumstances it is critical that you follow the procedures outlined below to gain independent confirmation that what you have been told is correct. Please read this article and related articles on this site and any other referenced materials.

We fully understand that you must do your due diligence to be confident that we aren't the bad guys trying to take advantage of you.
We understand that it is important that you familiarise yourself with who we are, what we do, who we do it for and confirm our credentials. With this in mind we provide the following information.

Continue reading How to tell if your site has been Pharma hacked
 
Why Do Hackers Perpetrate The Pharma Hack

Understanding the motivation behind the Pharma hack is unfortunately rather easy. It is all about the money.

Once upon a time hackers were bored teenagers who wanted to show the world that they were cleverer than everyone else. They used computers to feel in control of, and to show their superior understanding of the technology that they knew one day would be everywhere.

Fast forward 20 years, the technology is everywhere and no-one really cares if someone else feels they know it all.  A new breed of criminals are exploiting the internet for financial gain. At the end of this process an interlinked network of computers are passing traffic to a possibly legitimate company who pays an affiliate fee, a small commission, in much the same way that Amazon does to traffic referred to it.  The sites in the network are all hacked, as is the final site in the chain that bounces the traffic on to the final affiliate. Thus you have revenue with zero hosting costs or other associated business expenses. A truly parasitic arrangement.

Not only that - but legitimate sites potentially face a loss of standing in their respective fields and potentially have significant costs associated with de-hacking their website(s).

 
How To Avoid The Pharma Hack

Like all things in security - there are no guarantees. If you want to be entirely sure your website never gets hacked then build your website, take it offline, put it on a computer in your bedroom that is never connected to the internet, and never turn that computer on. That will be very secure - but will totally defeat the purpose of having a website, namely to have a publicly accessible presence.

There are more reasonable steps that you can take though:

  • To minimise the chances of a successful hack
  • To speed up recovery if you do succumb at some point

The most important thing you can do, and we can't stress this enough, is to keep your website up-to-date. Not the articles and the images, but the underlying Content Management System that helps you build your website and that provides all the nice interactive elements. That's the part that gets exploited.  You *must* keep the Content Management System that powers your site up-to-date, whether that is Joomla, Wordpress, Drupal or any other system.

Likewise, and in many respects more critical, are the myriad third party add-ons within your site.  A CMS like Joomla or Drupal is tested by many knowledgeable people before it is released. The add-ons you or your developer installed to give you a nice calendar, an image gallery, a forum or whatever else are somewhat less tested, are typically built by hobbyist programmers and contain more bugs. WYSIWYG editors and file upload functionality offer another vector through which many sites are compromised.  You must monitor the extensions your site relies on and keep them up to date. If you can't do this then pay someone who can.

 
Getting Professional Help To Fix The Pharma Hack

Finding your website listed in search engines such as Google with links and descriptions hijacked and manipulated to mention Viagra or related pharmaceutical products is not one of life's finest moments. We understand the difficulties that the average owner or operator of a website finds themselves in when this happens.  We understand that running websites is not the major part of most people's job description and that 'webmaster' is probably just one extra hat that you wear.

In the other pages within this hacking and security area of our website, we have tried to provide information that will help the more technically savvy to check whether they have been hacked, or to confirm they have if they already suspected. We have provided an explanation of how the hack works and why people hack other people's websites. Moreover we've provided some quite in-depth tools to help techies to start to look into removing the pharma hack themselves.

At the same time though we know many of you whilst perhaps able to check/confirm the existence of the hack, will no doubt find the removal / cleansing stages a step too far. We understand this and want to let you know that we are here for you.

Professional Help to Remove the Pharma Hack

Dean Marshall Consultancy can help you to fix your website and remove the Pharma hack - permanently - and unlike every other organisation we are aware of WE GUARANTEE IT.

We are aware of many sites that get re-hacked, often multiple times because of a botched clean-up process. We have the experience and the expertise to

  • Confirm a website is hacked
  • Verify whether the hack is the Pharma hack or some variation on the theme
  • We can scan your website files for malicious files that don't belong
  • We can upgrade your Joomla installation or other CMS
  • We can, in most cases, identify the initial entry point - the vulnerability that got you hacked
  • We can secure your site so that it is no longer vulnerable
  • We will provide security options to harden the general level of security on your site
  • We will put in place software to detect anyone trying to connect to the removed hacker files

We will usually do all of the above within 24 hours. 

Guaranteed Fix For Pharma Hack - Black Hat SEO Hack

Additionally, and this is the real 'added value' of our service: We will return and re-scan your system after three days, and again after approximately one month all inclusive within the one-off fee.

Continue reading Getting Professional Help to fix pharma hack
 
How Does The Pharma Hack Work

Sites running obsolete copies of popular Content Management Systems such as WordPress or Joomla and/or out of date add-ons within those CMS's are hacked all the time.

In more innocent times you would typically see your home page replaced with a message related to the hacker's cause.

The Pharma hack dates back three or more years, but for the last 12 months we have been monitoring a growing trend of 'invisible' hacks.  The hacker gains entry one way or another - as per old school hacking their first action is to upload some form of web-shell - or force one to load through a remote file inclusion vulnerability.

Next they make a subtle change - perhaps adding their target word to the homepage's title. As browsers don't show the title as they did before, this goes unnoticed by humans for a few weeks. Alternatively a new folder is created and populated within the file system.

Next - after Google is given time to recrawl the site and find these subtle changes and starts to climb up the search engine rankings for its new 'keywords' - a further stage of hacking takes place. Links are embedded within the site - and perhaps a bit of new content often linking out to hacked pages within the host site or within other sites.

Now this phase is clever - the hacks are cloaked and aren't visible to normal users.  Only Googlebot, Google's search engine crawler, receives the changed content - or a normal user who tricks the hacker code into thinking they are the search engine.
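
The cloaking described above can be checked by requesting the same page twice, once as a browser and once with Googlebot's User-Agent string, and comparing what comes back. The following is an added example, not code from this site; the keyword list, the function names and the sample pages for the placeholder site www.example.org are assumptions constructed for illustration.

```python
import re
import urllib.request
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed watch list, taken from the product types the article names.
SPAM_TERMS = ("viagra", "cialis", "tadalafil", "payday loan", "casino")
BROWSER_UA = "Mozilla/5.0 (X11; Linux x86_64; rv:115.0) Gecko/20100101 Firefox/115.0"
CRAWLER_UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"


class PageView(HTMLParser):
    """Collects the title, text and link targets of one HTML response."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.title, self.text, self.links = "", [], set()
        self._in_title, self._skip = False, 0  # _skip: depth inside <script>/<style>

    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self._in_title = True
        elif tag in ("script", "style"):
            self._skip += 1
        elif tag == "a":
            href = dict(attrs).get("href")
            if href:
                self.links.add(href.strip())

    def handle_endtag(self, tag):
        if tag == "title":
            self._in_title = False
        elif tag in ("script", "style") and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if self._skip:
            return
        if self._in_title:
            self.title += data
        self.text.append(data)  # CSS is not evaluated, so hidden text is kept too


def parse(html):
    view = PageView()
    view.feed(html)
    view.close()
    return view


def found_terms(view):
    blob = " ".join(view.text).lower()
    # \b keeps "cialis" from matching inside words such as "specialist".
    return {t for t in SPAM_TERMS if re.search(r"\b" + re.escape(t), blob)}


def external_hosts(view, site_host):
    hosts = {urlparse(href).hostname for href in view.links}
    return {h for h in hosts if h and h != site_host}


def compare_views(browser_html, crawler_html, site_host):
    """Report spam terms and outbound links that only the crawler copy contains."""
    b, c = parse(browser_html), parse(crawler_html)
    terms = found_terms(c) - found_terms(b)
    hosts = external_hosts(c, site_host) - external_hosts(b, site_host)
    return {
        "title_differs": b.title.strip() != c.title.strip(),
        "visible_terms": sorted(found_terms(b)),  # e.g. a keyword added to the public title
        "crawler_only_terms": sorted(terms),
        "crawler_only_hosts": sorted(hosts),
        "cloaked": bool(terms or hosts),
    }


def fetch(url, user_agent, timeout=15):
    req = urllib.request.Request(url, headers={"User-Agent": user_agent})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        charset = resp.headers.get_content_charset() or "utf-8"
        return resp.read().decode(charset, errors="replace")


def check_site(url):
    return compare_views(fetch(url, BROWSER_UA), fetch(url, CRAWLER_UA), urlparse(url).hostname)


# Constructed sample responses for the placeholder site www.example.org.
SAMPLE_BROWSER = """<title>Village Bakery</title>
<a href="/contact">Contact</a> <a href="https://www.example.org/menu">Menu</a>"""
SAMPLE_CRAWLER = """<title>Buy Viagra online - Village Bakery</title>
<a href="/contact">Contact</a> <a href="https://www.example.org/menu">Menu</a>
<div style="display:none"><a href="http://pills.example.net/c">cheap cialis</a></div>"""

if __name__ == "__main__":
    print(compare_views(SAMPLE_BROWSER, SAMPLE_CRAWLER, "www.example.org"))
```

Call `check_site()` with a page of your own site to run the comparison live. A clean result is not proof, since some cloaking keys on the crawler's IP address rather than its User-Agent; the URL Inspection tool in Google Search Console shows what Googlebot itself was served.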

Continue reading How the Pharma Hack Works
 
Joomla Site In Situ De-hack - The Samatha Trust

When we found our web site—the Samatha Trust—had been hacked causing searchers for the Buddhist meditation classes and courses we offer to be re-directed to "hot redheads in Oldham" we were very keen to resolve the problem as soon as possible. The Dean Marshall Consultancy team's response was professional, speedy and effective.

They identified the cause and effectively eradicated the malicious code which had infested the site within 24 hours of receiving payment. The bespoke reports on their work and security advice provided during the de-hack process were clear and useful. The scans made one week and one month after the initial clean-up were carried out professionally.

I have no hesitation in recommending the Dean Marshall Consultancy team to you.

Rob Adkins
Trustee
The Samatha Trust

Read more...
 
Web Professional Tools - Recommended Firefox Add-ons

Unless you have been living under a rock for the last few years, or you are totally new to web design, you are probably aware that Mozilla Firefox is the web browser of choice for most web professionals. 

There are a number of reasons for this - anti-Microsoft resentment, hatred of IE (particularly version 6), etc. One reason for the success of the Firefox web browser is that it is incredibly flexible.  Firefox is extensible (or extendable if you prefer) via a system of extensions that add myriad new features and customisations.

Continue Reading: Web Professional Tools
 
Dean Marshall Consultancy - Proud to help Brian Teeman spread the Joomla Love

Leading Joomla evangelist Brian Teeman - one of the founders of Joomla and Open Source Matters (OSM), the body that holds the project's trademarks and purse strings - shared details of his difficulties in finding the time and money to travel the world promoting the project.

In his blog post - Helping Me spread the Joomla!Love - Brian asked if any of the individuals and companies who make a living from Joomla would be willing to help fund his travel expenses.

I think we would have done so anyway - but Brian ingeniously offered an incentive to sweeten the deal. Brian presents talks and presentations and offered a small advertising slot on slides of his 'next generation' Joomla Secrets talk.

Read more...
 
Ubuntu 11.04 Mouse and Keyboard Issues

If like myself you have upgraded to the latest version of Ubuntu, you may have also noticed that the keyboard and mouse do not work, you have to bang the mouse or press keys down several times for them to work.

I've found a work around for now and have posted this on the Ubuntu forum.

If you have a zombie process running then you need to 'kill it' ( for this you will need a command-line terminal ), below is the command line code you need to do this.  Until Ubuntu is upgraded or someone else finds a permanent fix, you will have to do this each time you start your machine.

Continue Reading: Ubuntu Keyboard and Mouse Issues
 
Help Moving Your Website To Our Joomla Hosting

We can help you with the task of transferring your existing website to our Joomla web hosting.

Whilst many moderately advanced Joomla users are capable of moving their Joomla website from their old web host to our Joomla web hosting we fully understand and appreciate that not everyone can do so.  We can take the complexities and uncertainties out of the equation for you.

We charge a fixed fee in exchange for which we can backup your existing Joomla website - move the site (files and database) to our web server and help with transferring the domain name itself.

We then point the domain name to the new web hosting and set up the first three email addresses for you.  Your Joomla hosting will typically come with its own control panel so you will be able to manage emails and many other add-ons yourself.

 
Expert Joomla Hosting Service
Dean Marshall Consultancy are pleased to announce the launch of our web hosting packages aimed at Joomla users.  Through our experiences of dealing with many clients - and their web servers - we've seen just how wrong some other web hosts get things.

We are confident that we can offer:

  • offer high quality hosting
  • offer the features that make Joomla and Mambo easier to use
  • remove the road blocks that many people experience
  • affordable, reliable and flexible hosting
  • full service hosting - including automated backups
  • mirrored hosting - full copies of your site ready to go should anything go wrong

We are confident that our knowledge of Joomla, together with our experiences as leading figures in both the Mambo and Joomla CMS communities mean that we understand the difficulties that people can have both with the CMS's themselves, but also with the servers and related technologies. Our knowledge in these fields is key to our tailored packages and support systems. If you need assistance we have the answers.

Price, bandwidth and features:

  • £12 per month: 100MB web space, up to 1GB bandwidth per month
  • £17 per month: up to 500MB web space, up to 2GB bandwidth per month
  • £25 per month: up to 1000MB web space, up to 5GB bandwidth per month
  • £35 per month: up to 3000MB web space, up to 20GB bandwidth per month

To find the perfect hosting package please call us now - or use our contact form.

 
Professional Joomla Web Hosting Packages

Expert Joomla CMS web hosting from experienced web professionals.

Dean Marshall Consultancy have been offering web hosting packages aimed at Joomla CMS users.  Through our experiences of dealing with many clients - and their web servers - we've seen just how wrong some other web hosting companies get things.

We are confident that we can:

  • offer high quality hosting,
  • offer the features that make your chosen CMS easier to use
  • remove the road blocks that many people experience
  • provide affordable, reliable and flexible hosting
  • offer full service package - including regular backups
  • build mirror copies of your site - ready to make live in any eventuality

Joomla Web Hosting Information

Our knowledge of Content Management Systems, together with our experience as leading figures in the Joomla support community means that we understand the difficulties that people can have both with the CMSs themselves but also with the servers and related technologies. Our knowledge in these fields is key to our tailored packages and support systems. If you need assistance with your website hosting we have the answers.

For the perfect Joomla CMS web hosting package please call us today - or use the contact forms on this site. We'd love to talk over your options and show you just how good our services are.

 

 
Old versions of articles show after edits

Have you ever needed to carry out an urgent edit on one of Joomla's articles - perhaps to correct an embarrassing typo or factual error - but even after saving the article the old page still shows on your website? Sometimes no matter how often you refresh the web page the previous version of the article appears.

Problems with Joomla Cache

If you have ever activated Joomla's internal cache functionality - perhaps in the hope of speeding up the site - you can get bitten by this problem.  Joomla has methods for clearing this cache but unfortunately it takes three or four clicks too many and is hidden away in a not too visible part of the menu.  We can help optimise your website's cache settings, make sure you understand the implications of some of the more advanced options, and implement tweaks to your site to make clearing the cache quicker and easier for when you need to force through your changes in a more immediate manner.

Help with Joomla Cache Issues

If you are struggling with any cache related issues please call us to discuss how we can help you operate your Joomla website more efficiently.

 
Joomla Template Customisation Help

Professional Joomla template customisation help - do you need support customising your template? Our team of Joomla professionals can help.

Sooner or later you will want to make tweaks to your website's look and feel - this is controlled by your CMS template.  Whether you bought an off the shelf Joomla template, perhaps through one of the many Joomla template clubs, or whether you had a designer custom program you a totally bespoke template design, chances are you will want to carry out some template customisation or tweaking.

Joomla Template Help From Recognised Troubleshooting Specialists

We've worked with some of the biggest names in Joomla template clubs. We have years of experience of editing website templates, day in and day out, working with the best Joomla template manufacturers.

read more about Joomla template customisation
 
Joomla Error Messages Visible

Error messages on your Joomla pages? Worse still - perhaps you are seeing a totally blank page. A blank page is just an error but with the error message itself being suppressed by server settings.

Like most people you have done your best to project an air of professionalism with your on-line presence, and you've invested a lot of time and money into your Joomla website. After all this time, effort and investment it is a shame that if your pages show Joomla error messages you may scare away potential customers.

We have good news - our team of Joomla professionals can help you solve the problem of unsightly Joomla error messages.

read more about error message in Joomla web pages
 
Joomla file and folder permissions on unix web server

Joomla file and folder permissions on a Unix web server can be one of the most confusing issues for new Joomla web site administrators.  Not only is the system very different from experience you may (or may not) have dealing with permissions on other systems, there are many variables that can change the 'standard' advice.

This means that many Joomla website operators run into difficulties.

read more about web server file and folder permissions
 

Reset Joomla Password - We Can Recover Your Joomla Password

Locked out of Joomla powered website?

Joomla password reset - every now and then you build yourself a website and you don't login for a number of months, or worse still, someone within your web design team (whether within your organisation or an external consultant) changes the main Joomla admin password and subsequently leaves the team locked out of your website.

Forgotten Joomla Password - How To Reset Joomla Password

Cannot login to Joomla website as super administrator?

No matter how it happens - you are left unable to login with high enough privileges to make high level changes to the way your website runs. Our team of experts can help reset your Joomla administrator password.

read more about resetting the Joomla admin password
 
Stop Spammers Flooding Your Joomla Registration

So you've launched your Joomla website and within a few weeks you find that you are getting a steady stream of sign-ups on your website. Joomla handily sends you an email telling you the 'good' news.

Unfortunately when you look more closely you see that the newly registered 'user' on your website is just a spammer using either a false email address, or addresses that are for loans, casinos or pharmaceuticals, etc.

Read more...
 
Pipex Update - We Recommend Plus.Net

If you ever saw my two articles about Pipex Internet it will come as no surprise that this was a company on its last legs.

Are Pipex Internet Fraudsters
I believe Pipex Internet are Fraudulent Criminals

After a considerable battle, and many frustrations dealing with officialdom hell-bent on defending Pipex for no reason, I eventually got my money back - twice over, and at one point with a firm commitment for another payment - however they welched on this final payment. Some things never change!

Pipex was subsequently swallowed up by Tiscali who as far as I can tell from the emails and phone calls I continued to receive from other frustrated customers seem to have continued the same fine traditions of not honouring cancellation requests and dipping randomly into customer accounts.

It will therefore come as little surprise that Tiscali is also no more having in turn been swallowed up by Talk Talk. I can only wish any of their customers well - for I have serious doubts about anyone who would buy up the remnants of these companies.

Anyway - I've had a number of requests from people wishing to know who I recommend as an Internet Service Provider in these days of uncertainty with so much consolidation within the industry.

Continue Reading: We recommend Plus.net
 


© Copyright 2002-2016
Dean Marshall Consultancy Ltd - all rights reserved
Registered in England and Wales, Company number 6615299
A team of professional developers specialising in custom Joomla development


The Joomla!® name is used under a limited license from Open Source Matters in the United States and other countries. This site is not affiliated with, or endorsed by, Open Source Matters or the Joomla! Project.