" at the top of my Joomla page mean? The following comment fragment appears to be popping up at the top of every page of the local government page" /> Mobile app version of vmapp.org
Login or Join
Shanna517

: What does the string "";} /*B6D1B1EE*/ ?>" at the top of my Joomla page mean? The following comment fragment appears to be popping up at the top of every page of the local government page

@Shanna517

Posted in: #Joomla

The following comment fragment appears to be popping up at the top of every page of the local government page I'm administrating:



The site runs of the Joomla! framework, and I've gone through the header sections of each page and found nothing amiss. A quick Google search of

'";} /*B6D1B1EE*/ ?>'


reveals that I'm not alone in experiencing this problem:



I'm surprised that I've never heard of this before. If you have any ideas on what might be causing this and how I might go about fixing it, they would be much appreciated.

10.03% popularity Vote Up Vote Down

Login to follow query

More posts by @Shanna517

Login to post a comment!

3 Comments

Sorted by latest first Latest Oldest Best

 

@Connie744

It looks like Joomla 1.5 websites without the Session Hardening and File Upload Security patches are being hacked.

These patches can be found at: docs.joomla.org/Security_hotfixes_for_Joomla_EOL_versions
According to MiscCoder at forum.joomla.org/viewtopic.php?t=933020#p3425599 clean up involves removing the file at /modules/mod_stat/statXXX.php, deleting files in the /tmp folder and cleaning up the files with "B6D1B1EE" in them although I haven't been able to verify this yet.

I'd be inclined to run a security audit using a commercial service such as myjoomla.com or sucuri.net or similar to double check all compromised and modified files have been identified and fixed.

10% popularity Vote Up Vote Down

 

@Twilah146

As a workaround you could delete the ";} /*B6D1B1EE*/ ?> snippet from the index.php file contained in your template folder.

More information could be found for the same issue here: forum.joomla.org/viewtopic.php?t=933020
It could be that sites running a 1.5 version of Joomla were hacked.

10% popularity Vote Up Vote Down

 

@Kristi941

For some reason PHP code is being sent to the browser. It may be that PHP is not enabled n that server but that page contains some. It could be short tags are used but the server has not enabled it. It could be poorly written code. But you need to get to the source code to find the ultimate root cause.

10% popularity Vote Up Vote Down

Back to top | Use Dark Theme