Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Sunshop.pl file found on my site?


cmjennings21

Recommended Posts

I've just been doing some work on my site and found a file going by the name of sunshop.pl. it was residing in my images folder and appeared to be an sql injection code. Also in my images folder was a file by each of my db files. I've now removed the said file but wondered if anyone else had, had this happen and what do I need to do. I guess I have been hacked but should I be worried?

Link to comment
Share on other sites

In case your server requires open folders (777) for uploading product images, place an .htaccess file in that folder with following content:

 

# secure htaccess file
<Files .htaccess>
order allow,deny
deny from all
</Files>

# disable directory browsing
Options All -Indexes

# secure directory by disabling script execution
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
Options -ExecCGI

 

This prevents any kind of script execution. Note: works only on Apache.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...