carloscanas Posted January 9, 2006 Posted January 9, 2006 Recently my store has been plaged by a hacker who has been making our life misserable and causing us to a considerable amount of down time. We have changed passwords, user names, etc. What could be good guidelines to stop these people on their tracks. We are really desperate now. Thanks :angry:
bnetweb Posted January 9, 2006 Posted January 9, 2006 Recently my store has been plaged by a hacker who has been making our life misserable and causing us to a considerable amount of down time. We have changed passwords, user names, etc. What could be good guidelines to stop these people on their tracks. We are really desperate now. Thanks :angry: In my opinion: Probably, they have an access before and they uploaded a script to your site that can modify your files. Also, please do also change your hosting accounts and not only your shop. Then try to reinstall everything. If you still have a problem on it. Please do pm me. Have a good day
demonz Posted January 9, 2006 Posted January 9, 2006 Hi, Have you installed any admin login contributions into your osc. and also you can try locking the "admin" folder completely by using your hosting login. or else you can ask your hosting provider to do it. :)
carloscanas Posted January 9, 2006 Author Posted January 9, 2006 These is what we have done: Reinstall OS. Change all passwords. Change database passwords. Setup access control through Apache <directory> Check all permissions. Still the guy gets in. The las time was this saturday. He messed up our mysql databases, and installed a script on OS commerce images directory (why does this directory has to be writable?). We have backups of everything and we do not download the site to our local computers, we inly upload from them. We were able to reinstall everything after erasing it to eliminate any scripts. We also run find looking for anything installed and/or modified in the last 24 hours. We are up and running again but it is getting old.... Thanks, Carlos :angry:
Guest Posted January 9, 2006 Posted January 9, 2006 did you do the latest updates, as shown on: http://www.oscommerce.com/forums/index.php?showtopic=180289
kwalker Posted January 9, 2006 Posted January 9, 2006 If you've done all of that and whoever keeps getting in, I'd say they have a backdoor way of accessing your site. They may let you think that you've fixed your problem and before you know it..... BAMMM,, they got you again, when you least expect it. If I were you, I'd look for a different server alltogether. Kevin "What I didn't know yesterday, I know today & will remember tomorrow" (By Kwalker) What do you see when you open up the tep_database-pr2.2-CVS.pdf file that came with your osCommerce download?
appleguru Posted January 9, 2006 Posted January 9, 2006 Do you happen to be on a shared server? Could just be two OsC stores writing to the same SQL DB...
kwalker Posted January 9, 2006 Posted January 9, 2006 Do you happen to be on a shared server? Could just be two OsC stores writing to the same SQL DB... That is very well possible too. Probably more so that's possibly the problem if you haven't had anyone doing work on your server besides you. Kevin "What I didn't know yesterday, I know today & will remember tomorrow" (By Kwalker) What do you see when you open up the tep_database-pr2.2-CVS.pdf file that came with your osCommerce download?
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.