Guest Posted October 2, 2007 Posted October 2, 2007 I recently had my website all screwed up. It seems like someone went in and restored some backed up database from 2 years ago. I lost all my orders, customer info, products...everything. Luckily, I had a backup and saved most of the info. There were some other changes which I was also able to fix. I almost had a heart attack. I had a third party build my site and we parted on bad terms. I've changed my password and everything for OSC admin panel and my server. However, I remember one time I asked my dev. to change some stuff for me in my admin panel, but I never told him that I changed the password. He was still able to go in and do the changes. I'm afraid he has some sort of second account or backdoor access into my Admin Panel. Is there such a thing? How can I be sure that I am the only one with access? How can I avoid something like this happening again? Thanks!
bobg7 Posted October 2, 2007 Posted October 2, 2007 I doubt they went in through the Admin Panel when they made the changes before and if they were the ones that made the current changes they may have gone in using FTP. I would strongly recommed you change your FTP ID and Password right away and close that door. They may have installed some sort of backdoor but as far as I know there isn't one already built in. Installed Contributions: CCGV, Close Popup, Dynamic Meta Tags, Easy Populate, Froogle Data Feeder, Google Position, Infobox Header Entire Row, Live Support for OSC, PayPal Seal with CC images, Report_m Sales, Shop by Price Revised, SQL Updater, Who's Online Enhancement, Footer, GNA EP Assistant and still going.
Nullachtfuffzehn Posted October 2, 2007 Posted October 2, 2007 Depending on your version of OSC and server OS, you may want to check, if there are more than one entries in your .htpasswd. Could grant access to a second person though. Other than that, someone could have installed a backdoor to your system. Check the folders that are set to chmod 777 for any .php files that don't belong there. (Basically NO .php file is supposed to be in a public folder). If your system is running on a dedicated server maintained by the people who made your site they have full access anyways.
Guest Posted October 5, 2007 Posted October 5, 2007 Depending on your version of OSC and server OS, you may want to check, if there are more than one entries in your .htpasswd. Could grant access to a second person though. Other than that, someone could have installed a backdoor to your system. Check the folders that are set to chmod 777 for any .php files that don't belong there. (Basically NO .php file is supposed to be in a public folder). If your system is running on a dedicated server maintained by the people who made your site they have full access anyways. Yeah, I would like to check for any backdoors as several people have mentioned this could be the case. I will try to find this.htpasswd file and check it out. As far as the chmod 777, could you elaborate a little more on this? Where can I check these folders? Sorry, I'm not very keen to programming (hence the reason I hired this horrible guy). Also, I'm running on a different server so no worries there.
Nullachtfuffzehn Posted October 5, 2007 Posted October 5, 2007 Don't know which FTP client you're using, but most of them can display the CHMOD values of directories and files. The commom folders set to 777 are the images, tmp/temp, pub and up-/download. but others may be too (which would be a huge security risk!). Basically the CHMOD values reflect who is able to read write or execute the files.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.