bsonhome Posted November 3, 2009 Share Posted November 3, 2009 today one of my customer to me that, we show their info to other people......... this is what my customer told me "I received a phone call from a man who as logged onto your site and my details came up so he rang me to tell me and thats how he got my WHAT HAPPEN ? someone else can access my details ?" i have no idea what happen, any one can help ? thanks Link to comment Share on other sites More sharing options...
berkedam Posted November 3, 2009 Share Posted November 3, 2009 today one of my customer to me that, we show their info to other people......... this is what my customer told me "I received a phone call from a man who as logged onto your site and my details came up so he rang me to tell me and thats how he got my WHAT HAPPEN ? someone else can access my details ?" i have no idea what happen, any one can help ? thanks Pls. check with yr hoster whether you are on a "shared" server. If so check the forum for a solution. "If you're working on something new, then you are necessarily an amateur." Link to comment Share on other sites More sharing options...
phour19 Posted November 4, 2009 Share Posted November 4, 2009 I think you might need to read this post: http://www.oscommerce.com/forums/topic/330479-what-is-the-oscsid-why-you-must-not-loose-it/ "Clearly to ensure proper working of the above you must ensure no links to your site contain a sid either within search engines index (Prevent Spider Sessions), other sites linking to you or any links within your own site. If this does occur you can get users finding they are accessing another's account, orders getting mixed up and even billing going awry. There is a new tag (canonical) which could help you avoid this problem with search engines, though you must avoid this problem occurring in the first place." Tim How to secure your site. A must read Link to comment Share on other sites More sharing options...
bsonhome Posted November 8, 2009 Author Share Posted November 8, 2009 thanks for everyone luckly it only happen once, now i just delete that customer account, and do nothing, i hope this is not happen again and thanks for the link, but i do not konw much about script. so i may not do anything now thanks Link to comment Share on other sites More sharing options...
spooks Posted November 8, 2009 Share Posted November 8, 2009 thanks for everyone luckly it only happen once, now i just delete that customer account, and do nothing, i hope this is not happen again and thanks for the link, but i do not konw much about script. so i may not do anything now thanks Not a good idea, if it happened once it will happen again, check at least your admin settings are correct. :mellow: Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.