swguy Posted September 19, 2009 Posted September 19, 2009 This contribution provides a quick way to assess your site's security and check for possible hacks by checking the following: * the presence of admin/file_manager.php * admin users * php scripts in the images directory * directories with permissions other than 0x755 * php files which include "eval" (this is an known exploit vector). * files with permissions other than 0x644 Download here: http://addons.oscommerce.com/info/7026 Quote Contributions: Better Together and Quantity Discounts for osCommerce 2.3.x and Phoenix. See my profile for more details.
swguy Posted November 15, 2009 Author Posted November 15, 2009 SysCheck has been updated to do more extensive tests for scripts in unexpected places; in addition to checking for .php files, it now checks for .pl, .py and .cgi filetypes. Download here: http://addons.oscommerce.com/info/7026 Quote Contributions: Better Together and Quantity Discounts for osCommerce 2.3.x and Phoenix. See my profile for more details.
blr044 Posted May 27, 2010 Posted May 27, 2010 After running the syscheck by entering the address in the browser window, I get a large list of files under Files with incorrect permissions. Vast majority is the images. The permissions for such images, is set at 755. It is my understanding this is correct. So why does syscheck show them having incorect permission code? The only way I found to have not be listed under Files with incorrect permissions is by setting the image to 444. Quote
New 
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.