Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

My site gets hacked


Guest

Recommended Posts

I keep on getting orders from differant IP's and shiping details which are not the same as the real user ( verified with few users ).

 

I found in logs that the 'bad' ip does not go through login.php, but directly to checkout_shipping.php and shopping_cart.php ... and makes an order.

 

I must find this security hole and close it. I am getting to much false orders, and angry customers.

 

Please help.

Link to comment
Share on other sites

My first thought is do you require cookies to be enabled to check out? If the person placing these orders is getting these customers' session id that displays in the URL, then you really need to require cookies.

 

If that isn't the problem, then I have no idea and will be playing close attention to this thread.

Always BACK UP your files and your database before making any changes. Before asking questions, check out the Knowledge Base. Check out the contributions to see if your problem's solved there. Search the forums.

 

Useful threads: Store Speed Optimization How to make a horrible shop Basics for design change How to search the forums

 

Useful contributions: Easypopulate Fast, Easy Checkout Header Tag Controller

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...