harnessg Posted May 9, 2008 Posted May 9, 2008 I've noticed recently that my stats show traffic going to URL's on my site like this: http://finearttouch.harnesshouse.com/shop/....eclub.lv/index? (This is really going to finearttouch.com/shop/product_info etc; the stats program just shows me the listing as a subdomain). I'm getting a TON of traffic from different IP addresses like this. I guess the question is, is this something I need to be concerned about? Is this some kind of security issue with osCommerce that they're trying to exploit? We're using a version of osCommerce from about a year ago. We had a fellow modify it to make it look like our main site (I think he used some add ins or enhancements from the community to do that). Glen
web-project Posted May 9, 2008 Posted May 9, 2008 Yes, someone trying to hack the website. I recommend to setup firewall on your server or if on shared hosting account ask the provider to activate it. Please read this line: Do you want to find all the answers to your questions? click here. As for contribution database it's located here! 8 people out of 10 don't bother to read installation manuals. I can recommend: if you can't read the installation manual, don't bother to install any contribution yourself. Before installing contribution or editing/updating/deleting any files, do the full backup, it will save to you & everyone here on the forum time to fix your issues. Any issues with oscommerce, I am here to help you.
♥FWR Media Posted May 9, 2008 Posted May 9, 2008 I've noticed recently that my stats show traffic going to URL's on my site like this: http://finearttouch.harnesshouse.com/shop/....eclub.lv/index? (This is really going to finearttouch.com/shop/product_info etc; the stats program just shows me the listing as a subdomain). I'm getting a TON of traffic from different IP addresses like this. I guess the question is, is this something I need to be concerned about? Is this some kind of security issue with osCommerce that they're trying to exploit? We're using a version of osCommerce from about a year ago. We had a fellow modify it to make it look like our main site (I think he used some add ins or enhancements from the community to do that). Glen These are querystring attacks. If you are not totally confident of the coding of your site and would like some peace of mind try installing Security Pro .. http://addons.oscommerce.com/info/5752 Security Pro takes a whitelist approach to querystring variables and does a pretty good job of killing these sort of attacks. Ultimate SEO Urls 5 PRO - Multi Language Modern, Powerful SEO Urls KissMT Dynamic SEO Meta & Canonical Header Tags KissER Error Handling and Debugging KissIT Image Thumbnailer Security Pro - Querystring protection against hackers ( a KISS contribution ) If you found my post useful please click the "Like This" button to the right. Please only PM me for paid work.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.