mase2hot Posted February 9, 2009

Hi, someone with plenty of time hacked my site today http://www.jcdcgadgets.co.uk/shop/ it was only a test site while I messed around with a template. The only place where I had published the URL was this forum, so probably some nutter who saw it here, as the site was only live since Friday. Anyone have any ideas on how this was done? I'm a little concerned that if it's easy to hack that when I get my site up and running the same thing could happen... any advice would be great, my ISP is quite secure, well I think it is...lol

germ Posted February 9, 2009

There's a PHP file in your images folder (c99.php). Did you put it there? Do you have any folders with 777 permissions? They should be no higher than 755. Improper permissions is the easiest way to get hacked. :blush:

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.
"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me -

burt Posted February 9, 2009

You also need to get your website hosting sorted out - either deny directory indexing or plonk an index.php into every folder.

mase2hot Posted February 9, 2009

c99.php, no I didn't. How did you find it though, among the amount of files I had?

cmjennings21 Posted February 9, 2009

> c99.php no i didnt how did you find it though amoung the amount of files I had?

I was told to include a .htaccess file in the root of the images directory when this happened to me. Here's a copy:

    # secure htaccess file
    <Files .htaccess>
    order allow,deny
    deny from all
    </Files>
    # disable directory browsing (options with +/- must not be mixed with unsigned ones such as All)
    Options -Indexes
    # secure directory by disabling script execution
    AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
    Options -ExecCGI

Apparently only works on Apache servers. What exactly happens when they plonk files in this directory? I guess they run a script which mines all your data and squirts it back to the b*****s?

spooks Posted February 9, 2009

It may be best to get your site wiped & restore from backup. I've noticed that sometimes these hackers add seemingly innocuous stuff, but put nasty viri, worms, backdoors etc hidden away.

Also: http://www.oscommerce.com/forums/index.php?showtopic=313323

Sam
Remember, what you think I meant may not be what I thought I meant when I said it.

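The two checks germ describes (a script file sitting in the images folder, directories with permissions above 755), as an added shell example that is not part of the original thread. The function names, the constructed sample tree and the reuse of the extension list from the quoted .htaccess (minus .htm) are assumptions.

```shell
#!/bin/sh
# Added example. Paths and sample files are constructed for illustration.

# Extensions from the AddHandler line quoted in the thread (.htm omitted here).
SCRIPT_EXT='php pl py jsp asp shtml sh cgi'

# List script-like files under a directory that should hold only images.
find_scripts() {
    dir=$1
    set --
    for ext in $SCRIPT_EXT; do
        [ $# -eq 0 ] || set -- "$@" -o
        set -- "$@" -iname "*.$ext"
    done
    find "$dir" -type f \( "$@" \) -print | sort
}

# List directories writable by group or others (775, 777, ...),
# i.e. looser than the 755 recommended in the thread.
find_loose_dirs() {
    find "$1" -type d \( -perm -020 -o -perm -002 \) -print | sort
}

# Run both checks on a shop root; return 1 if anything is flagged.
audit_shop() {
    rc=0
    scripts=$(find_scripts "$1/images")
    loose=$(find_loose_dirs "$1")
    if [ -n "$scripts" ]; then
        printf 'Script files in images directory:\n%s\n' "$scripts"; rc=1
    fi
    if [ -n "$loose" ]; then
        printf 'Directories looser than 755:\n%s\n' "$loose"; rc=1
    fi
    return "$rc"
}

# Constructed sample tree: one stray script, one 777 directory.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/images/banners" "$root/includes"
    : > "$root/images/logo.gif"; : > "$root/images/c99.php"
    chmod 755 "$root" "$root/images" "$root/includes"
    chmod 777 "$root/images/banners"
    echo "$root"
}

# Usage: sh audit.sh /path/to/shop   (no argument: audit the sample tree)
audit_shop "${1:-$(make_sample_tree)}" || true
```

A file flagged here is only a starting point: a clean result does not show the rest of the site is untouched, which is why restoring from a known-good backup is still advised above.
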
Archived
This topic is now archived and is closed to further replies.