My ISP just sent me this warning! Help!

[shanehamelin]

First, Im a total OS Commerce noob and could use some help know what to do here..

Below is the email my ISP sent me and I have no idea how to proceed. Now, I know enough

to setup the store but I just dont want to screw this one up..

 

Anyone? Please

 

Shane

 

 

 

Hello Shane

 

Update your installation of OS Commerce to the latest available and ensure that you have taken all security precautions in terms of locking down directories via chmod to the strictest permissions possible to still ensure function. The images can be restored by chmoding the ~/www/store/images directory to 0755. This will still prevent writing to the directory, but allow the images to be displayed. Whatever security flaw exists in your installation of OS Commerce has allowed unauthorized upload of spam scripts on multiple occasions to that directory. These scripts have caused our main server to be IP blacklisted as a spam source. We cannot have this happen again.

 

You must continually monitor the OS commerce installation to ensure that you are always using the most updated software available. Failure to do so allows the website to be open to newly discovered security compromises resulting in situations such as this.

 

Indigo Meridian / Positive Fusion

[burt]

Follow the instructions in the "secure your site" thread, after either;

 

1. restoring a known good backup

or

2. getting rid of the hack (if you don't have a known good backup)

 

rc2.3 is available on github which adds extra layers of security

[shanehamelin]

Is it either hard to find the hack or hard to upgrade?

 

Shane

 

 

 

 

Follow the instructions in the "secure your site" thread, after either;

 

1. restoring a known good backup

or

2. getting rid of the hack (if you don't have a known good backup)

 

rc2.3 is available on github which adds extra layers of security

[axioma]

[quote

 

rc2.3 is available on github which adds extra layers of security

 

WHERE??? i try to find it but, no luck...