Very recently one of my sites was hacked. Nothing dangerous, but the intruders just changed the index.php file. The main file was showing message that it was hacked! So I had to take it off and check each and every file for change. Luckicly found only two other files changed. The hackers injected code to those files and that code was showing the message on index page. That day I understood how difficult it is to find changed files.

Version Verification Tool

Very recently on of my sites was hacked. Nothing dangerous, but the intruders just changed the index.php file. The main file was showing message that it was hacked! So I had to take it off and check each and every file for change. Luckicly found only two other files changed. The hackers injected code to those files and that code was showing the message on index page. That day I understood how difficult it is to find changed files.

Today I found this great extension that will help you identifying Joomla! files changed. This is named Version Verification Tool. This great extension that will help you identifying Joomla! files changed. Version Verification Tool  Here’s the description of this component, from JED:

Check your Joomla! files for unwanted modifications. Don’t just rely on the version number, be sure you’re up-to-date AND haven’t been hacked! The Version Verification Tool ships with a list of all files that have shipped with Joomla 1.5 since the first release. Then, using a hashing algorithm, each file on your server is checked against the release it should be to verify that it’s integrity remains intact.

This tool is a must use for us at CMS Market before any Joomla upgrades, afterwards to ensure that the upgrade went smoothly, and periodically as a check to make sure that nothing has been unintentionally modified on our server.

There are known hacks out there which modify specific core Joomla files in order to send login credentials to ‘bad’ people by email, to insert spam in output, or other nefarious things. The Version Verification Tool will help you to know as soon as possible if your site may have been unknowingly modified.

Going forward, we want to create a simple plugin mechanism so other developers can add their own extensions for file verification.

I have tested it, and found quite useful. You should install it just after installting Joomla!. It will help identify changed files later. A Must have for Joomla! site administrators.