mattwine Posted January 11, 2007 Share Posted January 11, 2007 hi does anyone know anything about shop fronts being hacked and defaced by h4ck3d By 3sRaR i have done a loose search on the web, and this seems to have happened a lot to oscommerce. i suspect i need to run updates (shop probably 1 1/2 years old) more to the point, they hacked every site i have.... so, does anyone know about this hack and how to stop it, also, im guessing, but i dont suppose there is an easy way to find out ip's etc. thanks for any help, sorry if this post is a bit disjointed, but i am still in a state of shock, .... and dealing with irate customers... mattwine Link to comment Share on other sites More sharing options...
Guest Posted January 11, 2007 Share Posted January 11, 2007 well I dont know if this has anything to do with it but I looked at several of teh sites listed in google and they had this at the top. Warning: Installation directory exists at: /blah/local/home/blah/blah/blah/catalog/install. Please remove this directory for security reasons. where is your site? Link to comment Share on other sites More sharing options...
mattwine Posted January 11, 2007 Author Share Posted January 11, 2007 hi mike my site is at http://www.fastnetsoftware.co.uk/shop/catalog/index.php i will check my ftp also and see if the directory has been reinstalled. what is worrying is that they got access to my account, so im trying to get an understanding of how and why this happened, so that i can stop it. thanks matt well I dont know if this has anything to do with it but I looked at several of teh sites listed in google and they had this at the top. Warning: Installation directory exists at: /blah/local/home/blah/blah/blah/catalog/install. Please remove this directory for security reasons. where is your site? Link to comment Share on other sites More sharing options...
user99999999 Posted January 11, 2007 Share Posted January 11, 2007 Contact your host they can restore it and tell you how access was gained. Link to comment Share on other sites More sharing options...
Guest Posted January 11, 2007 Share Posted January 11, 2007 There is a security issue with OSC, but the latest update resolved this, update your store to OSC MS2.2 Update 060817, provided you have already done the 051113 update Link to comment Share on other sites More sharing options...
abra123cadabra Posted January 13, 2007 Share Posted January 13, 2007 My site was hacked a while ago and it turned out the hackers got into the server on which my pages are hosted. All other sites hosted on that server got hacked too. It happened in the night my provider decided to update the php install and to allow fopen() etc. According to them, this is how they got into the server and as a result this and some other functions are disabled again. abra The First Law of E-Commerce: If the user can't find the product, the user can't buy the product. Feedback and suggestions on my shop welcome. Note: My advice is based on my own experience or on something I read in these forums. No guarantee it'll work for you! Make sure that you always BACKUP the database and the files you are going to change so that you can rollback to a working version if things go wrong. Link to comment Share on other sites More sharing options...
Guest Posted January 14, 2007 Share Posted January 14, 2007 well I just realized that my admin folder was not password protected. I putt htaccess password on it and it is now but I went and looked at a few sites that were also hacked by h4ck3d By 3sRaR and I noticed that their admin was not password protected. I don't remember for sure but I don't think the admin folder is protected by default. I think it does tell you to do that in the installation instructions though.. I guess I just never did it. Are you sure your admin folder is password protected? Link to comment Share on other sites More sharing options...
abra123cadabra Posted January 14, 2007 Share Posted January 14, 2007 I'm absolutely sure that my admin is protected. It was one of the first things to put .htaccess in place. Next I installed admin login contrib and a mod so that you can't use the back button to get back in. Anyway, they didn't get in through my shop. They used another way into the server and then had admin rights and could change all the hosted pages without needing my passwords for my hosting panel. Changed all my database and ftp password though as the DB one is in plain text in the configure files which were readable to them. abra The First Law of E-Commerce: If the user can't find the product, the user can't buy the product. Feedback and suggestions on my shop welcome. Note: My advice is based on my own experience or on something I read in these forums. No guarantee it'll work for you! Make sure that you always BACKUP the database and the files you are going to change so that you can rollback to a working version if things go wrong. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.