filmcell Posted March 9, 2008 Posted March 9, 2008 i run 4 oscommerce websites and 2 have come under attack by hackers .. Can some one help me and tell me permissions i should check on main files and folders .. eg index.php should it be 755 ??? Im sure this is how my sites have been hacked. Im a bit worried , main site is ok just now. But if they hack that , I will be in big trouble. thanks.
♥FWR Media Posted March 9, 2008 Posted March 9, 2008 i run 4 oscommerce websites and 2 have come under attack by hackers .. Can some one help me and tell me permissions i should check on main files and folders .. eg index.php should it be 755 ??? Im sure this is how my sites have been hacked. Im a bit worried , main site is ok just now. But if they hack that , I will be in big trouble. thanks. General files like index.php should be 644 not 755. However I doubt that permissions are the problem. The question is how are they getting in? via querystring/XSS? via another account on the server? Ultimate SEO Urls 5 PRO - Multi Language Modern, Powerful SEO Urls KissMT Dynamic SEO Meta & Canonical Header Tags KissER Error Handling and Debugging KissIT Image Thumbnailer Security Pro - Querystring protection against hackers ( a KISS contribution ) If you found my post useful please click the "Like This" button to the right. Please only PM me for paid work.
satish Posted March 9, 2008 Posted March 9, 2008 The best way is set some range of IP address that shall be allowed. So Your site is accessible to countries where You want to market. Satish Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site. Check My About US For who am I and what My company does.
♥FWR Media Posted March 9, 2008 Posted March 9, 2008 The best way is set some range of IP address that shall be allowed. So Your site is accessible to countries where You want to market. Satish Too difficult/impossible to achieve imo. Can't exclude countries via ip tables as the shear number of excludes kill the server. ALLOWING is too dangerous as it's too easy to exclude valid ips. Ultimate SEO Urls 5 PRO - Multi Language Modern, Powerful SEO Urls KissMT Dynamic SEO Meta & Canonical Header Tags KissER Error Handling and Debugging KissIT Image Thumbnailer Security Pro - Querystring protection against hackers ( a KISS contribution ) If you found my post useful please click the "Like This" button to the right. Please only PM me for paid work.
web-project Posted March 9, 2008 Posted March 9, 2008 General files like index.php should be 644 not 755. However I doubt that permissions are the problem it depends on hosting as on some hosting providers running php scripts as CGI thats why php files should be chmod to 755 The best way is set some range of IP address that shall be allowed. the best way is selecting the hosting which secure their servers with firewall protection. Please read this line: Do you want to find all the answers to your questions? click here. As for contribution database it's located here! 8 people out of 10 don't bother to read installation manuals. I can recommend: if you can't read the installation manual, don't bother to install any contribution yourself. Before installing contribution or editing/updating/deleting any files, do the full backup, it will save to you & everyone here on the forum time to fix your issues. Any issues with oscommerce, I am here to help you.
♥FWR Media Posted March 9, 2008 Posted March 9, 2008 it depends on hosting as on some hosting providers running php scripts as CGI thats why php files should be chmod to 755 I don't think so. All files at 755!!! PHP running as a CGI with "suexec" enabled uses 755 as its MAX not every file. Ultimate SEO Urls 5 PRO - Multi Language Modern, Powerful SEO Urls KissMT Dynamic SEO Meta & Canonical Header Tags KissER Error Handling and Debugging KissIT Image Thumbnailer Security Pro - Querystring protection against hackers ( a KISS contribution ) If you found my post useful please click the "Like This" button to the right. Please only PM me for paid work.
jordan Posted March 10, 2008 Posted March 10, 2008 What do you mean by being hacked? what are the hackers doing? I ask because i am also having issues with hackers adding links to the top of my sites or sometimes they put it in the middle of the index.php file above featured products. It is a bunch of links to porn, gaming sites, and such. i know where the hacked code should be but i am having a hard time finding it. maybe we can help eachother locate it if it is the same thing. It's a Zoo in Here, Literaly...
pbraconnot Posted March 11, 2008 Posted March 11, 2008 Hacked too! here they added a new category name with the name turkstorm.org I don't even know what language this site is. I need a way to secure the admin folder. What's the best way with OsCommerce?
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.