QueenKat Posted December 1, 2005 Share Posted December 1, 2005 help please!! my store has been hacked. what do I do? www.katstamps.com Link to comment Share on other sites More sharing options...
jonw118 Posted December 1, 2005 Share Posted December 1, 2005 that's terrible. please tell me you have a backup on your local machine. Link to comment Share on other sites More sharing options...
QueenKat Posted December 1, 2005 Author Share Posted December 1, 2005 that's terrible. please tell me you have a backup on your local machine. I think I do! What do I do??? If I don't what do I do?? If I loaded the store back to the last back up I made to the server, will that fix the problem?? Link to comment Share on other sites More sharing options...
novation Posted December 1, 2005 Share Posted December 1, 2005 I think I do! What do I do??? re-upload the backup you have - and overwrite the hacked files Link to comment Share on other sites More sharing options...
jonw118 Posted December 1, 2005 Share Posted December 1, 2005 if not--- contact your web host immediately... most (good) host do daily backups, so you want to get them to put back the most recent good files (it may cost a little bit, but worth it) Link to comment Share on other sites More sharing options...
AlanR Posted December 1, 2005 Share Posted December 1, 2005 You don't necessarily to to completely upload everything. Look: http://katstamps.com/product_info.php?products_id=646 It's most likely a damaged index.php The real question is what did they do and how? Don't just overwrite that index.php or you'll learn nothing. Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management) Link to comment Share on other sites More sharing options...
ozcsys Posted December 1, 2005 Share Posted December 1, 2005 help please!! my store has been hacked. what do I do? www.katstamps.com You most certainly should be contacting your hosting company about this if you have not already. You need to take a look at the logs and find out what happened. The Knowledge Base is a wonderful thing. Do you have a problem? Have you checked out Common Problems? There are many very useful osC Contributions Are you having trouble with a installed contribution? Have you checked out the support thread found Here BACKUP BACKUP BACKUP!!! You did backup, right?? Link to comment Share on other sites More sharing options...
QueenKat Posted December 1, 2005 Author Share Posted December 1, 2005 You don't necessarily to to completely upload everything. Look: http://katstamps.com/product_info.php?products_id=646 It's most likely a damaged index.php The real question is what did they do and how? Don't just overwrite that index.php or you'll learn nothing. they got more then the index file! when I click on a link to the left on the link you gave me, it says hacked!! How can someone hack into my site??? Link to comment Share on other sites More sharing options...
jonw118 Posted December 1, 2005 Share Posted December 1, 2005 they got more then the index file! when I click on a link to the left on the link you gave me, it says hacked!! How can someone hack into my site??? if you notice, when you click on that link, it is pulling from the index file... it appears just your index was touched. reupload that index.php and contact your host. Link to comment Share on other sites More sharing options...
azimpact Posted December 1, 2005 Share Posted December 1, 2005 if you notice, when you click on that link, it is pulling from the index file... it appears just your index was touched. reupload that index.php and contact your host. There are many ways to hack a site. If your host was running global_register as on, there is one way in if you have insecure permissions on some of your directories. MySql injection attacks are another. The most common and overlooked are poor passwords. Many people use the name of their animals or family members all of which are in the latest brute force attack tools. Was your password a combination of upper/lower case with numbers in it? Link to comment Share on other sites More sharing options...
QueenKat Posted December 1, 2005 Author Share Posted December 1, 2005 I emailed them and put in a ticket on their site.. oh man, I hope they answer fast!! I can't believe this!! Link to comment Share on other sites More sharing options...
bobg7 Posted December 1, 2005 Share Posted December 1, 2005 Sorry to hear about your troubles, here is what I would do. Change your FTP password Change Your Admn password Change your Database password Restore your Database and foles from your last full backup Remember to edit you configuration files fot the new Database password Hope this helps, Installed Contributions: CCGV, Close Popup, Dynamic Meta Tags, Easy Populate, Froogle Data Feeder, Google Position, Infobox Header Entire Row, Live Support for OSC, PayPal Seal with CC images, Report_m Sales, Shop by Price Revised, SQL Updater, Who's Online Enhancement, Footer, GNA EP Assistant and still going. Link to comment Share on other sites More sharing options...
QueenKat Posted December 1, 2005 Author Share Posted December 1, 2005 no my password was not like that.. can you tell me how to change my password?? Sorry to hear about your troubles, here is what I would do.Change your FTP password Change Your Admn password Change your Database password Restore your Database and foles from your last full backup Remember to edit you configuration files fot the new Database password Hope this helps, I don't know how to do any of that... Link to comment Share on other sites More sharing options...
ozcsys Posted December 1, 2005 Share Posted December 1, 2005 no my password was not like that.. can you tell me how to change my password??I don't know how to do any of that... Login to your hosting control panel and you should be able to change your control panel and ftp password (they are most likely the same) You should also be able to change the password for your database in your control panel. Remember though you are going to need to change it in your configure.php files as well so your site will work. How to change your admin password depends on how you have it protected and the varies from site to site. The Knowledge Base is a wonderful thing. Do you have a problem? Have you checked out Common Problems? There are many very useful osC Contributions Are you having trouble with a installed contribution? Have you checked out the support thread found Here BACKUP BACKUP BACKUP!!! You did backup, right?? Link to comment Share on other sites More sharing options...
jonw118 Posted December 1, 2005 Share Posted December 1, 2005 no my password was not like that.. can you tell me how to change my password??I don't know how to do any of that... Well Vicki, There are a number of ways to change the stuff. The easiest of ways is through your web admin panel. I did a quick check to see who your host is, and it looks like oscommerce-solution.com (of whom I am not familiar with) so I don't know what type of panel we're dealing with here. (Side thought- I thought I read something shady about this company a week or so ago about them shutting doors on this forum, not sure though). Anyway you can change your FTP pass thru this panel for sure. Most likely you password protected your admin from this panel as well. Hopefully on your panel as well you have a list of your MySQL databases that list user names and passes for that database. Change those. Then open config.php and update your new user/pass so that you can actively connect to the database. One other thought, if you have access to the web panel and can change the user/pass for the panel itself to that as well. And make them tough! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.