Example of a Phishing Attempt Using An Email From Apple

If often get asked why someone would attack a website. It is often for financial gain. If the attacker can get a hold of your credentials then they can impersonate you on-line. Meaning if they get your bank credentials they will have access to your bank. If they get your Apple ID credentials then the can access you Apple account and buy stuff.

I got an email from Apple today to login to my account.

In this image you can see that when I put my cursor over the hyperlink in the email it is going to “natuursteendoker.be/zooology.php”.   I see attacked websites with strange named PHP files with redirects in them. This can easily redirect a user to site ready to deliver a malicious payload or virus.  Could be a key tracker that phones home with each key stroke or screen captures every 5 seconds.

I hope this helps someone else out there….

 

Issues Upgrating to Joomla 3.6 to 3.7 – don’t worry it is safe

I got the notification  that all my Joomla installs were ready for  the 3.7 update. I started with test sites and then moved my way to my productions sites.

I have updated 12 sites so far and no issues. I even I have felt that the sites were running quicker.

I truely feel the the 3.X versions of Joomla started out slow and have gotten faster.

I feel like it is safe to update your Joomla installs.

I hope this helps someone else out there…

 

Contact Form 7 – email not coming from your server configuration error

Had a customer with a configuration issue with the WordPress site.

The original developer had the end users email as the return email address. Contact Form 7 prefer keeping this email address on the same domain, and adding a “Reply to” in the additional headers area. The following link solved this issue for me.

FAQ about Configuration Validator

Which lead me to here.

Setting Up Mail

I hope this helps someone else out there…

 

 

Solved – Outlook Deleted Email Address From Group Now Group Is Gone

Had a customer who wanted to update an Outlook contact who is part of a group email address. When we deleted the user in the group the group was gone.

We looked at was to recover. The big suggestion was to recover deleted items. We went into deleted items but the group wasn’t there. They are running an internal Exchange 2012. We looked at there OWA to try to recover.

The following article helps me solve this. It was the least technical link, but solved my issue.

http://forum.groovypost.com/microsoft-office/help-outlook-deleted-an-entire-mail-group-t95663.html

The big issue is when you delete a group it goes into the deleted items with the date the group was started and not the date the group was deleted. I went back into the deleted items and at the bottom there was a link to see more and the item I was looking for was at the bottom.

I hope this helps someone else out there…

 

 

Custom Dictionary Is Not Available Word 2016

Had a customer who was having an issue adding a custom dictionary to the Microsoft Word. I found the following article that walked me through what to do.

https://support.office.com/en-us/article/Add-or-edit-words-in-a-spell-check-dictionary-56e5c373-29f8-4d11-baf6-87151725c0dc#__toc306779609

Start by clicking File > Options > Proofing.

Add the custom dictionary.

We unchecked the RoamingCustom.dic. Clicked “Add”, and gave this new dictionary a name. Word asked if we were sure we wanted to add this new one. We clicked okay, and everything was working again.

I hope this helps someone else out there…

 

I recently updated virtumart in a Joomla 3.6.5 site and got the following error.

1054 Unknown column ‘product_stockhandle’ in ‘field list’ SQL=UPDATE `#__virtuemart_products` SET `virtuemart_vendor_id`=’1′,

It was longer than that, but I needed to fix the site so I don’t the rest would help. I could be wrong.

My last back up was too long ago. I was kind of screwed.

I restored the backup in a close directory on the production server. It was on https so I couldn’t do it localhost. I exported all the virtuemart tables in one MySQL statement by selecting “custom” when exporting. I did have to move the images/stories/virtumart directory. After that the store was operating normally. I made a backup before doing anything else.

I  used FTP and copied the components/virtumart directory over to the site that had issue; however, this didn’t fix the issue. Not sure what broke.

I hope this helps someone else out there…

 

 

OneDrive Error – you’re already syncing this account

Have customer syncing his Business OneDrive on his personal laptop with Office 365 and his work desktop. The document was created on the laptop, and synced with 365. When he got to work the document wasn’t on his work machine and when he tried to sync he got the following error.

With more probing I found out the  customer had a 40 gig folder he was syncing and it just took time.  That is why the “already syncing” warning came up.

I hope this helps someone else out there…

 

 

 

WordPress requesting FTP credentials when trying to update a plugin.

A took over an infected WordPress site. I had Sucuri clean the malware. The hosting was a mess. There were three WordPress installs in this hosting account, but only one was the site. It took a while to figure which one was the live site.

While trying to update core I got the following.

The following article helped me shed some light on the situation.

http://stackoverflow.com/questions/640409/can-i-install-update-wordpress-plugins-without-providing-ftp-access

I was going to change the permission, but Sucuri wasn’t finished scrubbing the malware. If I can remember I will post my results.

I hope this helps someone else out there…

 

joomla Forgot your username? page indexed

To get to a customer’s site I Googled it and discovered the User name and Password reset pages are being indexed by Google. They show up as some of the top results.

I quickly came across the following article that lead me to the work on the Robots.txt file and disallowing these pages.

https://forum.joomla.org/viewtopic.php?t=903096

For my site I had to add the following:

Disallow: /component/users/

Then go to Google Webmaster Tools and and Fetch the site. This will inform Google you want your site crawled again.

I hope this helps someone else out there…

Follow up…

I stumbled on this article which further refines the access.

https://moz.com/community/q/robots-txt-how-to-exclude-sub-directories-correctly

His technique:

allow: /directory/$
disallow: /directory/*

Which allows this URL:

http://www.mysite.com/directory/

But doesn’t allow the following one:

http://www.mysite.com/directory/sub-directory2/…