osCommerce

The e-commerce.

The Roof Is On Fire


can_add


Posted

I started a thread a couple of hours ago regarding a problem with my site (http://www.oscommerce.com/forums/topic/348770-strange-error-appearing%E2%80%A6/)

 

I've done some more research and found what I believe is someone trying to hack my site. I was having the problem with my privacy.php file and, after looking into it, it seems someone had replaced the code with a script "The roof is on fire".

 

Has anyone else had this problem? And do you know how I can protect myself against this attack? And what other files (if any) should I be checking for more of this hack's code?

 

Thanks

Posted

I started a thread a couple of hours ago regarding a problem with my site (http://www.oscommerce.com/forums/topic/348770-strange-error-appearing%E2%80%A6/)

 

I've done some more research and found what I believe is someone trying to hack my site. I was having the problem with my privacy.php file and, after looking into it, it seems someone had replaced the code with a script "The roof is on fire".

 

Has anyone else had this problem? And do you know how I can protect myself against this attack? And what other files (if any) should I be checking for more of this hack's code?

 

Thanks

How to Secure Your Site

 

If they've hacked one file you'd better check all the rest.

:(

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >
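For the advice above to check all the rest of the files, one way to do it is to compare the live shop against a clean copy of the same osCommerce release and list every file that differs. This is an added example, not code from the thread or from osCommerce; the script name and the two directory arguments are assumptions.

```python
import hashlib
from pathlib import Path

def sha256_of(path):
    """Hash a file in chunks so large files are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def snapshot(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_of(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def compare_trees(clean_root, live_root):
    """Compare the live shop against a clean copy of the same release.

    Returns (modified, added, missing) as sorted lists of relative paths.
    'added' matters as much as 'modified': a file that was never part of
    the release but sits in the web root has to be explained.
    """
    clean, live = snapshot(clean_root), snapshot(live_root)
    modified = sorted(p for p in clean.keys() & live.keys() if clean[p] != live[p])
    added = sorted(live.keys() - clean.keys())
    missing = sorted(clean.keys() - live.keys())
    return modified, added, missing

if __name__ == "__main__":
    import sys
    if len(sys.argv) != 3:
        # Hypothetical script name; both arguments are local directories.
        sys.exit("usage: compare_trees.py CLEAN_DIR LIVE_DIR")
    modified, added, missing = compare_trees(sys.argv[1], sys.argv[2])
    for label, paths in (("MODIFIED", modified), ("ADDED", added), ("MISSING", missing)):
        for rel in paths:
            print(f"{label:9}{rel}")
```

Files you changed on purpose, such as your configuration or installed contributions, will be listed as well, so review each entry rather than overwriting blindly.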

Posted

How to Secure Your Site

 

If they've hacked one file you'd better check all the rest.

:(

 

 

Thanks for the link... I found this problem last week. I've since replaced the hacked file with the original, changed all ftp usernames and passwords, as well as all admin usernames and passwords.

 

To my surprise the same file was hacked again yesterday. How could this have happened? Is it possible that this could have been done with an injection?

 

Today I've gone ahead and removed file_manager.php and define_language.php. Do you think this will help?

 

Does anyone have any other advice?

Posted

Hello Adam, I was also hacked a couple of months ago. It took me about a week to install all the security tips I was able to find.

 

This is what I recommend you do ASAP:

 

1-Block all IPs according to http://www.wizcrafts.net/exploited-servers-blocklist.html using .htaccess directives. I detected in my logs the attacks came from China and Korea.

2-Clean up all files ASAP to prevent search engines from indexing incorrect pages.

3-Change the admin folder to something like /adam.yourdayofbirth.Ad

4-Permit access to your admin folder only from the IP addresses you are accessing from

5-Follow all directives on the link provided above.

 

Good luck

Posted

I guess you didn't read the link in Germ's message 'How to secure your site'...

 

Read it. Do everything suggested, which is a lot more than what you went off and did without reading it.

www.jyoshna.com. Currently using OsC with STS, Super Download Store, Categories Descriptions, Manufacturers Description, Individual Item Status, Infopages unlimited, Product Sort, Osplayer with flashmp3player, Product Tabs 2.1 with WebFx Tabpane and other bits and pieces including some I made myself. Many thanks to all whose contributions I have used!

Archived

This topic is now archived and is closed to further replies.
