The Request

The client’s website was built on Joomla and after an SQL exploit, Ronco was tasked with finding the cause. I looked into the issue and found that an associated plugin for the Joomla theme allowed an unauthenticated user to embed forwards into URLs. I spoke with the client about removing the infection and updating Joomla however the theme used to build the website was no longer being maintained.

The Final

To achieve what the customer was requesting I ended up first securing the current Joomla website:

  • Removed Infection from the default Index.
  • Updated the Core / Plugins
  • Blacklisted the bad URLs with Google
  • Used Robots to disallow the simple link
  • Requested a review with Google to report the issues as fixed.
  • Cleaned permalinks and setup SEO linking
  • Installed Plugin > Marco’s SQL Injection – LFI Interceptor to prevent further SQL based hacks.

Next I spoke to the client about rebuilding the website on WordPress. The website was rebuilt on WordPress using the BeTheme framework. The website was finished November, 15 2017. We maintained the website and updates until the company was purchased in 2020.