Are you trying to steal my shop?


PassionSeed

:P A "looker" visited my site today from Google's listing of the osC live shop. The visitor's IP address is 71.198.197.174 (ca.comcast.net).

They were really trying to gain access to the admin side of my shop, specifically the backups, by attempting to access the following:

store/admin/backups/
Http Code: 404 Date: Dec 21 17:24:30 Http Version: HTTP/1.1 Size in Bytes: 1316
Referer: -
Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

/catalog/admin/backups/
Http Code: 404 Date: Dec 21 17:24:31 Http Version: HTTP/1.1 Size in Bytes: 1316
Referer: -
Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

/admin/backups/
Http Code: 404 Date: Dec 21 17:24:31 Http Version: HTTP/1.1 Size in Bytes: 1316
Referer: -
Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

/adult_sex_toys/admin


I don't know if they are a fellow osCommerce shop owner or an osCommerce shop owner wannabe. But they definitely had a need to get to any backups they could find, and they have knowledge of the standard structure of osCommerce. It's useless to block this IP address as it changes each day from a pool of ca.comcast.net IP addresses. Tomorrow, the IP address could be assigned to someone else.

I bring this to you so that you can be aware of the viciousness of some Internet users. You may consider re-locating the admin side of your shop so that it's not as obvious to other "I know osC" Internet users who have malice in their heart. Also, "catalog" and "store" are very common and should never be used. You may want to be a bit creative with naming your directories and to definitely move the admin side from under the catalog side.

 

We have enough to think about in making our shops successful (or somewhat successful). We also have to be aware of those that want to actually steal from us from what they consider "a back door." Thank goodness my admin side has been moved and is password protected.

 

Just an FYI and a sharing moment.
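
The pattern described in the post above (one client requesting several guessed admin and backup paths within seconds, all answered with 404) can be flagged from the web server's access log without relying on a block list. This is an added example, not part of the original thread; the Apache combined-format sample lines, the documentation-range IP addresses, the year, and the names `find_admin_probes`, `LINE_RE` and `PROBE_RE` are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in Apache combined log format. The paths, times, status,
# size and agent mirror the post; IPs and year are placeholders.
SAMPLE_LOG = """\
203.0.113.7 - - [21/Dec/2006:17:24:30 -0800] "GET /store/admin/backups/ HTTP/1.1" 404 1316 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
203.0.113.7 - - [21/Dec/2006:17:24:31 -0800] "GET /catalog/admin/backups/ HTTP/1.1" 404 1316 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
203.0.113.7 - - [21/Dec/2006:17:24:31 -0800] "GET /admin/backups/ HTTP/1.1" 404 1316 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
198.51.100.20 - - [21/Dec/2006:17:25:02 -0800] "GET /index.php HTTP/1.1" 200 8421 "-" "Mozilla/5.0"
198.51.100.20 - - [21/Dec/2006:17:25:40 -0800] "GET /admin/ HTTP/1.1" 404 1316 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')
# A path segment named "admin", "backup" or "backups" anywhere in the URL.
PROBE_RE = re.compile(r'/(admin|backups?)(/|$)', re.IGNORECASE)


def find_admin_probes(log_text, min_paths=3, window=timedelta(seconds=60)):
    """Return {ip: sorted probe paths} for clients that requested at least
    min_paths distinct admin/backup paths, all refused (403/404), in window."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["status"] not in ("403", "404"):
            continue
        path = m["path"].split("?", 1)[0]  # ignore the query string
        if not PROBE_RE.search(path):
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        hits[m["ip"]].append((ts, path))

    alerts = {}
    for ip, events in hits.items():
        events.sort()
        # Slide a window forward from each event and count distinct paths.
        for i, (start, _) in enumerate(events):
            paths = {p for t, p in events[i:] if t - start <= window}
            if len(paths) >= min_paths:
                alerts[ip] = sorted(paths)
                break
    return alerts


if __name__ == "__main__":
    print(find_admin_probes(SAMPLE_LOG))
```

Because the alert keys on behaviour inside a short window rather than on a stored address, it still fires when the same client returns from a different address in the provider's pool.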


All good advice. It's awful sometimes we have to live in a world where people try to take what is not rightfully theirs or otherwise try to harm others. I generally try to trust people, however that's not always the best course of action unfortunately.

 

BTW you have done some nice work with your site.

 

Be well,

Tina

If you're not having fun you're not doing it right

 

Teach a person to fish rather than give them a loaf of bread or however that saying goes.


:blush: Thanks, Tina! I needed to hear that.


Archived

This topic is now archived and is closed to further replies.
