peterbuzzin Posted December 23, 2009 Share Posted December 23, 2009 Hi, Have found on a few of my stores that File Manager is being used to maliciously to upload files (php files hidden in images folder) and placing obfuscated javascript within the head tag of pages. This was brought to my attention after a few customers reported AVG warnings when they visited the sites. To solve this I've deleted all file_manager.php pages from all of my stores (in my case it was an unused feature) and added lines to .htaccess so that scripts wont run from the images folder. If it still don't work, hit it again! Senior PHP Dev with 18+ years of commercial experience for hire, all requirements considered, see profile for more information. Is your version of osC up to date? You'll find the latest osC version (the community-supported responsive version) here. Link to comment Share on other sites More sharing options...
spooks Posted December 23, 2009 Share Posted December 23, 2009 Hi, Have found on a few of my stores that File Manager is being used to maliciously to upload files (php files hidden in images folder) and placing obfuscated javascript within the head tag of pages. This was brought to my attention after a few customers reported AVG warnings when they visited the sites. To solve this I've deleted all file_manager.php pages from all of my stores (in my case it was an unused feature) and added lines to .htaccess so that scripts wont run from the images folder. The issue has been known for some time, you must apply all measures given here to be safe. Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.