Potential JoomlaStats Component Exploit Could Drain Server Resources

An urgent update for anybody who is using the Joomla component called “JoomlaStats”.

My server host and I have discovered a potential exploit in the JoomlaStats component that could heavily drain your server's resources and possibly leave your site at risk.

The issue was discovered earlier today when my host's data center suspended my account due to excessive resource usage. This should never have happened, of course, as there had been no new updates to any of my websites in recent days. Upon review of the JoomlaStats component, we found the following data, which, as you can see, is completely out of the ordinary for my website.

Screenshot: JoomlaStats Exploit 1

On the 5th and 6th of July the number of visitors / hits to the site jumped by OVER 1000%!

Looking deeper, we found that the majority of the hits came in blocks of IPs, such as the one below.

Screenshot: JoomlaStats 2

This is not necessarily a sign of a hacker, script or bot, but for my site this type of traffic is heavily out of the ordinary. Also, as you can see, the hits in this example all came from the same host but from different IP addresses, and are all just seconds apart. What this image doesn't display is that they were also from a range of different operating systems and browsers.
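The pattern described above (many hits within seconds from neighbouring addresses in one block, each claiming a different browser or operating system) can be checked against the raw web server access log rather than the component's own counters, which is also a way to cross-check whether the JoomlaStats numbers are real. The following is an added example, not code from the post or from the JoomlaStats project: it parses Apache "combined" format log lines, groups hits by /24 block, and flags any block with a burst of hits inside a short window that uses several distinct User-Agent strings. The log lines, addresses, dates and thresholds are all constructed for the example and are assumptions, not data from the post.

```python
import re
import ipaddress
from collections import defaultdict
from datetime import datetime

# Constructed sample log in Apache "combined" format (not taken from the post).
# Six hits in 13 seconds from 203.0.113.0/24 with four different User-Agents,
# two ordinary hits from a single unrelated address, and one malformed line.
SAMPLE_LOG = """\
203.0.113.10 - - [05/Jul/2009:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 5.1) Firefox/3.0"
203.0.113.11 - - [05/Jul/2009:10:00:03 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
203.0.113.12 - - [05/Jul/2009:10:00:06 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5) Safari/525"
203.0.113.13 - - [05/Jul/2009:10:00:08 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 5.1) Firefox/3.0"
203.0.113.14 - - [05/Jul/2009:10:00:11 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Opera/9.64 (X11; Linux i686)"
203.0.113.15 - - [05/Jul/2009:10:00:14 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
198.51.100.5 - - [05/Jul/2009:10:05:00 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 5.1) Firefox/3.0"
198.51.100.5 - - [05/Jul/2009:10:20:00 +0000] "GET /index.php?option=com_content HTTP/1.1" 200 7300 "-" "Mozilla/5.0 (Windows NT 5.1) Firefox/3.0"
this line is not a valid log entry
"""

# Apache/nginx "combined" log format: ip ident user [ts] "request" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"$'
)
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return a dict with ip, timestamp and user-agent, or None for an unparseable line."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {
        "ip": m.group("ip"),
        "ts": datetime.strptime(m.group("ts"), TS_FORMAT),
        "ua": m.group("ua"),
    }


def find_bursts(lines, window_seconds=60, min_hits=5, min_agents=3, prefix_len=24):
    """Flag address blocks that produce >= min_hits within any window_seconds span
    while presenting >= min_agents distinct User-Agent strings.

    Thresholds are illustrative assumptions; tune them to the site's normal traffic.
    """
    by_block = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # skip malformed lines instead of aborting the whole scan
        try:
            block = ipaddress.ip_network(f"{rec['ip']}/{prefix_len}", strict=False)
        except ValueError:
            continue
        by_block[str(block)].append((rec["ts"], rec["ip"], rec["ua"]))

    alerts = []
    for block, hits in by_block.items():
        hits.sort()  # chronological order so a sliding window can be used
        start = 0
        best = None
        for end in range(len(hits)):
            # shrink the window from the left until it spans at most window_seconds
            while (hits[end][0] - hits[start][0]).total_seconds() > window_seconds:
                start += 1
            count = end - start + 1
            if count < min_hits:
                continue
            window = hits[start:end + 1]
            agents = {ua for _, _, ua in window}
            ips = {ip for _, ip, _ in window}
            if len(agents) >= min_agents and (best is None or count > best["hits"]):
                best = {
                    "block": block,
                    "hits": count,
                    "distinct_ips": len(ips),
                    "distinct_agents": len(agents),
                    "window_start": window[0][0].isoformat(),
                }
        if best is not None:
            alerts.append(best)
    return alerts


if __name__ == "__main__":
    for alert in find_bursts(SAMPLE_LOG.splitlines()):
        print(alert)
```

Run it against the real access log with `find_bursts(open("/var/log/apache2/access.log").readlines())` and compare the flagged blocks against what JoomlaStats reports: if the bursts show up in the server log too, the traffic is real and the component is simply being hammered; if they do not, the component's counters are the thing to distrust.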

Screenshot: joomlastats03

The graph on the right shows the site's total server usage for the month of July so far. The first few days of the month are as expected, but as you can see, the jump is quite drastic on the 5th and 6th.

To further add to the confusion, Google Analytics is not displaying a huge increase in visitors to the site. Why, we are not yet sure, but we are looking into whether the JoomlaStats numbers are accurate, or if they are caused by this apparent exploit.

The Server Load

At the point the server suspended my account, the server load was almost 4 times what it should have been. Since disabling and removing the JoomlaStats component, it has dropped back to what it should be.

My suggestion, if you use JoomlaStats, is to keep a close eye on your data and, if possible, your server load. The exploit may simply be a one-off thing, but it is always best to be safe when it comes to things like this.

JTags Review – Joomla Tag Extension

If you’re a regular Joomla user, no doubt you’ve come across the highly frustrating situation that is tagging your articles and content. More accurately, the complete inability to tag them. That is, of course, until now.

I recently came across the JTags extension for Joomla. This tagging addon is a 6 part tool:

  • JTags Component
  • Tag Cloud Module
  • 4 JTag Plugins

In essence, what it does is add an extra field when you create content where you can add your tags, much like you would find on WordPress or any other blogging software. The Tag field is available in both the admin article creation section and on the members' article submission form. The Tag Cloud is automatically updated and can be edited to suit your needs, ranging from font sizes to the maximum number of tags shown in the cloud. The tags themselves are added to your content (like at the top of articles on this site).

