Article Index


What can I do about it?

If your site uses one of these extensions then you would be wise to check whether it contains the spam-generating code. Not all versions of the extensions do: the versions submitted to the Joomla extensions directory were clean, and it is likely that these were originally legitimate extensions. There are also other versions in circulation which seem to have had some of the bad code removed.

The first thing you can try is to view the page source of your site: if it contains a lot of spam links then it is likely that you have a bad version of one of these extensions. However if you do not see them it is not a guarantee that you do not have a problem, because the offending script may not always generate the links. will scan your site for free and seem to be able to identify one of these bad extensions by finding the dnnViewState() javascript described above. However this may generate false positives: the javascript itself is not actually dangerous, it is the php code in example 1 that actually generates the links.

If you do have a problem, simply unpublishing or uninstalling the extension will solve the problem for you. If you would prefer not to do this then finding and deleting the bad code will work equally well. Remember that it is the PHP code that you need to remove. Doing a simple text search in the extension files using your favourite html or text editor for 'file_get_contents' should pick this up very quickly. (Note that the PHP file_get_contents function can have legitimate uses, such as fetching an RSS feed, so finding it in an extension does not necessarily mean you have a problem).