Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Site Hijacked?


rfscholl

Recommended Posts

Posted

It appears that our OS Commerce shop has been hijacked and I am looking for a little direction. First when you would browse to the site it asked to load an activex control. Overwriting the application_top.php file fixed that. Then this morning we noticed that our header was missing and the formatting of the site was all wrong. Uploading the entire includes directory fixed that, but now I have two other questions.

 

First, i am now getting this message at the top of any page in the shop:

Warning Warning: The downloadable products directory does not exist: /nfs/cust/2/70/95/359072/web/university/modules/catalog/download/. Downloadable products will not work until this directory is valid.

But that directory does exist. How can I fix that?

 

I would appreciate any direction on ways to lock down security so that I am not vulnerable to this in the future.

 

Thanks,

Rich

Posted

It appears that our OS Commerce shop has been hijacked and I am looking for a little direction. First when you would browse to the site it asked to load an activex control. Overwriting the application_top.php file fixed that. Then this morning we noticed that our header was missing and the formatting of the site was all wrong. Uploading the entire includes directory fixed that, but now I have two other questions.

 

First, i am now getting this message at the top of any page in the shop:

Warning Warning: The downloadable products directory does not exist: /nfs/cust/2/70/95/359072/web/university/modules/catalog/download/. Downloadable products will not work until this directory is valid.

But that directory does exist. How can I fix that?

 

I would appreciate any direction on ways to lock down security so that I am not vulnerable to this in the future.

 

Thanks,

Rich

 

Read This to fix your site security holes.

 

Without being familiar with your site, I would say that your download directory has been deleted, or moved.

This is the stock location of the download files as seen in your catalog/includes/configure.php file

 
define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 

Where DIR_FS_CATALOG = the reference in the same file

Example:

 define('DIR_FS_CATALOG', '/home/ravjip/public_html/catalog/');

 

Hope this helps.

Posted

Rich,

 

 

Also check the permissions for your directories, including the download directory.

 

 

 

Chris

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...