Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Website was HACKED

GardenGirl

By GardenGirl
in General Support

Recommended Posts

GardenGirl

GardenGirl

Posted
Posted

Someone hacked into my website. :angry: They changed almost every file by adding their own code. Most of the code makes no sense to me. I'm a total novice when it comes to PHP. Some of it was obvious - like some links thrown in that lead to pornographic websites. (I operate a children's website!) Most of it appears to be code that sends the customer's private information to someone.

 

Obviously I am VERY frustrated with this experience. I have to completely reload all of my files - not to mention that information on my customers may have already been gathered. I probably won't ever feel safe again. What I'm wondering is, how someone could have found out my password?! I use a 9-digit random number and letter combination. Any ideas?

 

Has this ever happened to anyone else? What can I do to make my website more secure? I use SSL for any pages where the customer has to enter private information. Is anyone an expert on PHP who could help me figure out what the code is referring to?

 

I am forwarding a copy of all the code to the FBI. Does anyone have any tips on what else I can do to help catch the criminals who did this to me? I would really appreciate any tips you can give me. I feel completely overwhelmed and frustrated. Thanks in advance!

 

GardenGirl

[email protected]

Guest

Guest

Posted
Posted

the fbi probably isn't going to care..

 

i'm sure it's a bit obvious but was your admin panel secured via htaccess?

 

are you on a shared server? your host could have even been hacked and that's how the hacker gained access to your files. it doesn't hurt to ask... but certainly don't accuse them of being vulnerable.

Guest

Guest

Posted
Posted

chat on any online programs a lot? doesn't neccessarily have to be hacked. could be a keylogger. usually given to you by a "friend" online. the other post is a good suggestion, have your host check too but may want to find some anti malware programs and run a scan on your computer as well if you do indeed chat a lot or do any file sharing.

 

the fbi probably isn't going to care..

 

i'm sure it's a bit obvious but was your admin panel secured via htaccess?

 

are you on a shared server? your host could have even been hacked and that's how the hacker gained access to your files. it doesn't hurt to ask... but certainly don't accuse them of being vulnerable.

Guest

Guest

Posted
Posted

you can get keyloggers from just about anywhere, it doesn't have to be just a chat program.

 

check for keyloggers using anti-virus software, spybot detectors, etc.

 

if you don't currently have anything.. this stuff is all free:

http://www.grisoft.com/doc/1 - anti virus

http://www.safer-networking.org/en/index.html - spybot/malware scanner

http://www.lavasoft.de/software/adaware/ - spybot/malware scanner

 

before you "fix" anything with this program, post your log on a forum so somebody familiar with hjt can tell you what to remove (i recommend these forums: http://forums.tomcoyote.org )

http://www.tomcoyote.org/hjt/ - removes tracking/malware that the former programs miss

 

 

all 4 programs should be used together for maximum results. i've used them all :)

 

oh yeah... and GET A FIREWALL! (if you don't currently have one), this is what i use: http://www.zonelabs.com/store/content/home.jsp (free!)

 

 

you should never log into your admin or sql database on a computer that isn't regurally cleaned with these programs or protected by a firewall.

  • 10 months later...
GardenGirl

GardenGirl

Posted
  • Author
Posted
the fbi probably isn't going to care..

 

i'm sure it's a bit obvious but was your admin panel secured via htaccess?

 

are you on a shared server? your host could have even been hacked and that's how the hacker gained access to your files. it doesn't hurt to ask... but certainly don't accuse them of being vulnerable.

 

Yes, I have my admin panel secured via htaccess. I have wondered if it was through my host, but they told me it wasn't possible. Hm...

GardenGirl

GardenGirl

Posted
  • Author
Posted
chat on any online programs a lot? doesn't neccessarily have to be hacked. could be a keylogger. usually given to you by a "friend" online. the other post is a good suggestion, have your host check too but may want to find some anti malware programs and run a scan on your computer as well if you do indeed chat a lot or do any file sharing.

I do not chat at all. Thanks for the suggestion though.

GardenGirl

GardenGirl

Posted
  • Author
Posted
you can get keyloggers from just about anywhere, it doesn't have to be just a chat program.

 

check for keyloggers using anti-virus software, spybot detectors, etc.

 

if you don't currently have anything.. this stuff is all free:

http://www.grisoft.com/doc/1 - anti virus

http://www.safer-networking.org/en/index.html - spybot/malware scanner

http://www.lavasoft.de/software/adaware/ - spybot/malware scanner

 

before you "fix" anything with this program, post your log on a forum so somebody familiar with hjt can tell you what to remove (i recommend these forums: http://forums.tomcoyote.org )

http://www.tomcoyote.org/hjt/ - removes tracking/malware that the former programs miss

all 4 programs should be used together for maximum results. i've used them all :)

 

oh yeah... and GET A FIREWALL! (if you don't currently have one), this is what i use: http://www.zonelabs.com/store/content/home.jsp (free!)

you should never log into your admin or sql database on a computer that isn't regurally cleaned with these programs or protected by a firewall.

 

Wow! Thanks for the specifics. I really appreciate you taking the time to help. I will try your suggestions and hope for the best!

dittones

dittones

Posted
Posted

Larisa,

Something else that I would do to your site which is very quick and adds another layer of protection is to rename the admin directory to something else...Knowone else will know or

can get to your admin side except you...remember that you will have to change the admin

name to your new name in your configure.php program on the admin/includes directory...

I hope this helps

Roman

dittone.com

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...