kinetiknz Posted July 4, 2010 Posted July 4, 2010 Hi there, I have just gone through a process removing Malware from my site which was hacked by some turks. It is now clean, but the admin tools are available to anyone without asking for a password?! I have installed the 'check permissions' contribution as a first step in securing the site, and adjusted the file permissions as per it's suggestions. The only file that seems to not be correct is the this: public_html/catalog/includes/configure.php which pops up a red flag when you enter the site. No combination of permissions that I have tried satisfies both the 'check permissions' contribution and the 'site top of page-pop up warning' Any help is greatly appreciated www.harrysgarden.co.nz
Guest Posted July 4, 2010 Posted July 4, 2010 Matt, Your site is listed as an attack site so I could not see it. However, you should read these 2 threads for more information about securing your site: http://www.oscommerce.com/forums/topic/313323-how-to-secure-your-site/ http://www.oscommerce.com/forums/index.php?showtopic=340995 If you are using a version prior to RC2a, I would also suggest you update it to meet the latest security requirements Chris
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.