Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Site hacked - Running v2.2 RC2


mammuten

Recommended Posts

Posted

Someone uploaded a "index.html" file in the OSCommerce directory.

 

I run "v2.2 RC2".

 

Is there a later version, I noticed that I could download a version named "oscommerce-2.2rc2a".

 

Is that the same version or a new one?

Posted

Jan,

 

V2.2 RC2a is a new version and has some security updates available for it to make it more secure.

 

 

 

Chris

Posted

Thanks for your reply. I jjust downloaded the new version and looked at upgrade.htm

 

Do I need to make the changes in the files myself or how do I upgrade?

Posted

Jan,

 

Yes, there are file edits to be done to complete the upgrade to RC2a

 

 

Chris

Posted

Jan,

 

Make sure you make a complete backup of your files and database before doing any changes.

 

 

 

Chris

  • 2 weeks later...
Posted

Isnt threre any more simple way to update? This is crazy!

I really have to edit all those files by hand?

Posted

Jan,

 

 

That's why I say, creating a new site is usually less time consuming that trying to update one.

 

 

 

 

Chris

Posted

Firstly - the changes between RC2 and RC2a are tiny so I certainly wouldn't build a new site just to accommodate those changes.

 

Secondly - It won't make a jot of difference to the hack. If someone was able to upload a file to your catalog directory then you should be working with your hosts to find out how and why.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...