pcwarehouse Posted April 19, 2008 Posted April 19, 2008 Hi, I recently had several hacker attacks on my OS Commerce store, and they all came through the admin area, and changed settings, and uploaded programs to the server etc. Is there a security patch out there to patch the store. Especially for a live store it is very insecure....
Guest Posted April 19, 2008 Posted April 19, 2008 Hi, I recently had several hacker attacks on my OS Commerce store, and they all came through the admin area, and changed settings, and uploaded programs to the server etc. Is there a security patch out there to patch the store. Especially for a live store it is very insecure.... Yes, it is very insecure. Have you looked for solutions in the forum and in the knowledgebase?
FIMBLE Posted April 19, 2008 Posted April 19, 2008 Which version are you using? If its 2.2ms then it will only be protected by .htaccess which is OK for normal users but for more advanced programmers its not a hard nut to crack. Consider upgrading to the latest that stores the info in the database and not a flat file. Sometimes you're the dog and sometimes the lamp post [/url] My Contributions
pcwarehouse Posted April 19, 2008 Author Posted April 19, 2008 Yes I looked in the knowledgebase. I also added a password protection to the admin folder. Hope this works. But the more I use OSC the more I think it sucks.
Guest Posted April 19, 2008 Posted April 19, 2008 Yes I looked in the knowledgebase. I also added a password protection to the admin folder. Hope this works. But the more I use OSC the more I think it sucks. Was that before or after the attack. If before, it may be your webhosts cpanel at fault.
FIMBLE Posted April 19, 2008 Posted April 19, 2008 Well i suppose this is not for every one, but to say that is a bit harsh. Web site security is the responsibility of the owner of the site and not the software. But then, if you upgraded to the latest version you will find it much more secure. Remember its a work in progress and each new version released included updates for any known code insecurity. Also remember it is free, a comparable product would cost you a lot in the market place. The number of users of the system is testament to is integrity. regards Sometimes you're the dog and sometimes the lamp post [/url] My Contributions
Guest Posted April 19, 2008 Posted April 19, 2008 Yes, it is very insecure. Have you looked for solutions in the forum and in the knowledgebase? Depending on your osc version, there may be security patches that you need to install.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.