×
Kunena 5.1.5 Released - Security Release (14 Oct 2018)

The Kunena team has announce the arrival of Kunena 5.1.5 [K 5.1.5] which is now available for download as a native Joomla extension for J! 3.8.x. This version addresses most of the issues that were discovered in K 5.1 and issues discovered during the development stages of K 5.1. This is a Security release.

× This is for users to help other users, to discuss topics that are related to forum administration in general or problems in running Joomla. This is not the place to ask for Joomla support. If you want assistance with Joomla please ask at forum.joomla.org

Solved Spam in internal Kunena forum

More
4 years 6 months ago - 4 years 6 months ago #1 by hotch
Hi,

I have an internal Kunena forum which is only for members of our clubs. Kunena is 3.0.5.

Today I found a spam link in one of my topics
This message contains confidential information
In the MySQL database I do not find this link in my topic.

When I edit the topic and delete the link it will still appear in the topic after saving.

What is wrong here? Is there any infection?
Last edit: 4 years 6 months ago by hotch.

Please Log in or Create an account to join the conversation.

  • sozzled
  • Visitor
4 years 6 months ago #2 by sozzled
Replied by sozzled on topic Spam in internal Kunena forum
hotch wrote:

When I edit the topic and delete the link it will still appear in the topic after saving.

What is the URL of this "topic"? It would also help if you watched the video https://vimeo.com/69818669

I do not yet know how this problem is related to Kunena. I do not have enough information to work with to help you.

Please Log in or Create an account to join the conversation.

More
4 years 6 months ago #3 by hotch
Replied by hotch on topic Spam in internal Kunena forum
Because it only appears in Kunena but not in Joomla articles.

The URL will not help you as it is an internal forum. I would need to create an user account.

Please Log in or Create an account to join the conversation.

  • sozzled
  • Visitor
4 years 6 months ago #4 by sozzled
Replied by sozzled on topic Spam in internal Kunena forum

hotch wrote: Because it only appears in Kunena but not in Joomla articles.

I believe you but I don't see it from what you posted at the start of this discussion. :)

hotch wrote: The URL will not help you as it is an internal forum. I would need to create an user account.

It may still help, even if your forum is "internal", if we could see the configuration report that I referred to in my last reply to you. I am still struggling to help you without information that confirms exactly what kind of Kunena-related problem you seem to be having. :unsure:

Please Log in or Create an account to join the conversation.

More
4 years 6 months ago #5 by 810
Replied by 810 on topic Spam in internal Kunena forum
try backend-kunena-recount

select all option then recount.

Please Log in or Create an account to join the conversation.

More
4 years 6 months ago #6 by hotch
Replied by hotch on topic Spam in internal Kunena forum
Recount done. Problem still existing.

Configuration report:

This message contains confidential information

Database collation check: The collation of your table fields are correct

Joomla! SEF: Enabled | Joomla! SEF rewrite: Enabled | FTP layer: Enabled |

This message contains confidential information
htaccess: Exists | PHP environment: Max execution time: 30 seconds | Max execution memory: 128M | Max file upload: 200M

Kunena menu details:

Warning: Spoiler! [ Click to expand ]

Joomla default template details : full_screen_3 | author: JoomSpirit | version: 1.0 | creationdate: Unknown

Kunena default template details : Blue Eagle | author: Kunena Team | version: 3.0.5 | creationdate: 2014-03-09

Kunena version detailed: Kunena 3.0.5 | 2014-03-09 [ Invecchiato ]
| Kunena detailed configuration:

Warning: Spoiler! [ Click to expand ]
| Kunena integration settings:
Warning: Spoiler! [ Click to expand ]
| Joomla! detailed language files installed:
Warning: Spoiler! [ Click to expand ]

Third-party components: UddeIM 2.9

Third-party SEF components: None

Plugins: Search - Kunena Search 3.0.1 | Content - Kunena Discuss 3.0.1

Modules: Kunena Stats 3.0.1 | Kunena Login 3.0.1

Please Log in or Create an account to join the conversation.

  • sozzled
  • Visitor
4 years 6 months ago #7 by sozzled
Replied by sozzled on topic Spam in internal Kunena forum
Thank you for your configuration report. I would like to suggest a couple of small changes to the forum integration plugin settings (as indicated in red below):

Kunena - AlphaUserPoints Disabled
Kunena - Community Builder Disabled
Kunena - Gravatar Disabled
Kunena - JomSocial Enabled: Disabled
Kunena - Joomla Enabled: access=1 login=1
Kunena - Kunena Enabled: avatar=1 profile=1
Kunena - UddeIM Enabled: private=1

You have a lovely website and, I agree, it's not good when you get spam messages posted in your forum. I am still trying to find the source of the problem you seem to be having. The problem is not that someone posted a spam message; the problem is

hotch wrote:

When I edit the topic and delete the link it will still appear in the topic after saving.


The issue is not so much about "spam in the forum"; the issue is about how you how you "[edited] the topic and [deleted] the link and [the deleted information] still appears in the topic after saving".

It would be a great help if you could show me exactly which topic contains the message that you are trying to edit. I understand that your forum is restricted to logged-in members of your community but, if you have a test account that we could use, we could save a lot of time if we were able to see for ourselves this problem that you are trying to fix.

Therefore, I am asking if you can post here
  1. the URL of the topic that contains the spam; and
  2. username/password details of a test account that we can use to access this topic; you can use the following BBcode to post that information here:
    [confidential]Username
    Password:[/confidential]
The sooner we get this information, the sooner we will be able to find why it seems you are not able to fix your problem.

Please Log in or Create an account to join the conversation.

  • sozzled
  • Visitor
4 years 6 months ago - 4 years 6 months ago #8 by sozzled
Replied by sozzled on topic Spam in internal Kunena forum
I had a closer look at your website. The spam links - "buy v****a s*****s" (and there are others) - was not put there by Kunena.

This is not a Kunena problem.

The link appears on other pages on your website, too.

It appears that someone installed a module on your website that generates links at random on certain pages.

This module modifies the "About the club" menu item.

It looks to me that your website has been hacked.
Last edit: 4 years 6 months ago by sozzled.

Please Log in or Create an account to join the conversation.

More
4 years 6 months ago #9 by hotch
Replied by hotch on topic Spam in internal Kunena forum
@sozzled
You were right. The website was hacked.

The Joomla file /includes/application.php was modified and loaded joomla_rss.php with base64 encoded malicious code. Thus the links were generated.

A freelance helped me to get rid of all this stuff.

Please Log in or Create an account to join the conversation.

  • Not Allowed: to create new topic.
  • Not Allowed: to reply.
  • Not Allowed: to add attachements.
  • Not Allowed: to edit your message.
Time to create page: 0.165 seconds