di_stephano20 Posted August 21, 2006 Share Posted August 21, 2006 Is it possible for someone to make a perfect copy of my site?, besides the images wich i don't bother for beeing used by others.... but what i am asking is this: can somenone hack my site and get all the php code? because i thought that the php source cannot be displayed.... someone called me and said that he managed to download all my site and that he can now make a copy of it... how can he do that? he didn't had any acces to my server because i checked the server logs... and there is no strange ip... besides i have an ip filter wich is filtering all the ips except mine... so a brutal log it;s not possible... or so i belive... anyway my question is this : is it possible for someone to view the source of my php files??? and how can i protect my files froem beeing viewed? the same guy told me that he can encrypt my site... Please tell me what to do and how to protect my site better... any encryption software that u may know please share it with me.... Help me on this .... i am the victim now.. but u can be next.... -lol this sounds so dramatic...:) :'( :'( Link to comment Share on other sites More sharing options...
warleb Posted August 21, 2006 Share Posted August 21, 2006 Is it possible for someone to make a perfect copy of my site?, besides the images wich i don't bother for beeing used by others.... but what i am asking is this: can somenone hack my site and get all the php code? because i thought that the php source cannot be displayed.... someone called me and said that he managed to download all my site and that he can now make a copy of it... how can he do that? he didn't had any acces to my server because i checked the server logs... and there is no strange ip... besides i have an ip filter wich is filtering all the ips except mine... so a brutal log it;s not possible... or so i belive... anyway my question is this : is it possible for someone to view the source of my php files??? and how can i protect my files froem beeing viewed? the same guy told me that he can encrypt my site... Please tell me what to do and how to protect my site better... any encryption software that u may know please share it with me.... Help me on this .... i am the victim now.. but u can be next.... -lol this sounds so dramatic...:) :'( :'( It's quite easy to. He will be able to copy all PHP files if they are not in protected directories. Admin would be a problem and also your database! I don't bother doing backups. I love the thrill of screwing it all up! Link to comment Share on other sites More sharing options...
Jack_mcs Posted August 21, 2006 Share Posted August 21, 2006 Is it possible for someone to make a perfect copy of my site?, besides the images wich i don't bother for beeing used by others.... but what i am asking is this: can somenone hack my site and get all the php code? because i thought that the php source cannot be displayed.... someone called me and said that he managed to download all my site and that he can now make a copy of it... how can he do that? he didn't had any acces to my server because i checked the server logs... and there is no strange ip... besides i have an ip filter wich is filtering all the ips except mine... so a brutal log it;s not possible... or so i belive... anyway my question is this : is it possible for someone to view the source of my php files??? and how can i protect my files froem beeing viewed? the same guy told me that he can encrypt my site... Please tell me what to do and how to protect my site better... any encryption software that u may know please share it with me.... Help me on this .... i am the victim now.. but u can be next.... -lol this sounds so dramatic...:) :'( :'( It's called spam. It is one of the low-life's looking for a way to make a quick buck off of you. He is trying to sell you encryption. If he did grab all of your files, who cares. They are free. As long as he doen't get your database, there is no harm done. Jack Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
liquidq Posted August 21, 2006 Share Posted August 21, 2006 Did he actually provide any evidence that he has done what he said he'd done? Transaction details, customers information, anything that only you have access to? Forget images and text, that can be cut and pasted, oscommerce source files can be downloaded and modded easy so thats not proof. your database though, in the very unlikely event he got details from there then that would be proof but that won't happen. Unfortuantely the web is full of unscrupulous scumbags trying to scare people into cough up money. Call his bluff, if he did it and he's prepared to tell you about it then he shoould be able to prove it. Ignore this lowlife Link to comment Share on other sites More sharing options...
di_stephano20 Posted August 21, 2006 Author Share Posted August 21, 2006 hmm i am so dissapointed... because i really tried to make something good here... i know its free and stuf... but still i've made a design ... also it took me a while to understand oscommerce - wich by the way is a great platform to start a bussiness... - and i don't think it is fair to do such a thing... anyway i found out some scripts wich can encrypte my php sources... i dont care about the html but the php files is what i care about.... i found a program call source guardian ... its still a demo but i can encrypt my files at least... but i wonder if my ranking will be affected, because i am really sure that it will... :( :'( :( one more question for u guys who are more familiar with os commerce than i am.... how do u guys protect your files from being copied? i mean the ones in the catalog directory and not the admin files... because that one i have it protected as well.... thank u for your replies..!! :'( Link to comment Share on other sites More sharing options...
Guest Posted August 21, 2006 Share Posted August 21, 2006 Thing is if your host does not properly secure the members areas, one member can access the files of another. And there many other possibilities also. So here is an idea: You add code so a script like the application_top.php rectifies other php scripts of your store once is loaded (in memory or cache). And before doing that you check whether the script runs on a particular combination of things (like store's url, server ip etc). Which combination will be an md5 generated signature so it cannot easily decoded. Unless this piece of code runs the other php scripts will be unusable yet the code shows uncomressed so it will not generate suspicion. Now if someone copies the files he will have to go and start debugging the store to figure out why is not working (or partially working) on his system. If he ever gets that far. Because you can also place certain traps inside the scripts that cause other problems. (hard-coded emails that notify the original author, random errors, alterations to the dbase etc) Depends how far you want to go. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.