Jump to content
  • Checkout
  • Login
  • Get in touch


The e-commerce.

Web Site Hacked Constantly


Recommended Posts



I took over a heavily modified Oscommerce store about 2 years ago and just recently it has been hacked about once a week and is becoming more frequent. I've installed all of the add-ons suggested in the Securing Your Site thread and more. I have a custom cron job that alerts me if files are changed. I have PHP IDs installed, mod_security on the server along with suhosin.


The hack is always script injection and only ever 2 files which are /catalog/index.php and /catalog/product_info.php

I just don't know what more I can do to secure this web site apart from rebuild it which is not an option unless I want to go bankrupt.


Any help to resolve my hacking problem would be appreciated. If you want to take a look at the web site in question please pm me for the url.


Thanks :thumbsup:

Link to comment
Share on other sites

Well the first thing is you still have your admin directory called admin, see my profile for some essential steps to secure your site.



Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile


Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.


For links mentioned in old answers that are no longer here follow this link Useful Threads.


If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...