ufodepot Posted October 22, 2010 Posted October 22, 2010 I had a hackin and Go Daddy helped me change the password to my database. Now when I try to bring up my site or go to the back office I get the following page error: Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'ufodepot'@'certain_ip_address' (using password: YES) in /path_to_admin_directory/includes/functions/database.php on line 20 Unable to connect to database server! What can I do to correct this so my website comes up and I can get to my back office? Anmyone, please help. I am at aa loss. Your help is deeply appreciated.
♥mdtaylorlrim Posted October 22, 2010 Posted October 22, 2010 I had a hackin and Go Daddy helped me change the password to my database. Now when I try to bring up my site or go to the back office I get the following page error: Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'ufodepot'@'certain_ip_address' (using password: YES) in /path_to_admin_directory/includes/functions/database.php on line 20 Unable to connect to database server! What can I do to correct this so my website comes up and I can get to my back office? Anmyone, please help. I am at aa loss. Your help is deeply appreciated. When you changed the passwords to your database did you also change them in the two configure.php files on your site? Community Bootstrap Edition, Edge Avoid the most asked question. See How to Secure My Site and How do I...?
ufodepot Posted October 22, 2010 Author Posted October 22, 2010 When you changed the passwords to your database did you also change them in the two configure.php files on your site? Hi mdtaylorlrim, I'm not very OS Commerce savy. No I did not. Where are they located and what do I change in them? I really appreciate your getting back to me and helping me. Thanks, Hope
♥mdtaylorlrim Posted October 22, 2010 Posted October 22, 2010 Hi mdtaylorlrim, I'm not very OS Commerce savy. No I did not. Where are they located and what do I change in them? I really appreciate your getting back to me and helping me. Thanks, Hope You have two configure.php files that contain the database username and password. /catalog/includes/configure.php /catalog/admin/includes/configure.php Assuming you installed in the catalog directory and you have not changed your admin directory name like you should have. Community Bootstrap Edition, Edge Avoid the most asked question. See How to Secure My Site and How do I...?
germ Posted October 22, 2010 Posted October 22, 2010 AHEM.... :blush: The trojan in your backup is still present. :o If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
ufodepot Posted October 23, 2010 Author Posted October 23, 2010 You have two configure.php files that contain the database username and password. /catalog/includes/configure.php /catalog/admin/includes/configure.php Assuming you installed in the catalog directory and you have not changed your admin directory name like you should have. Thank you sooooooo much. I changed the passwords in those files and now my store and admin are showing up. Now there something else. When I login to the admin the page comes up blank. No files are showing, yet I know they are there because my website it up and the ftp shows them. Do you have any suggestions on how to correct this? Thank you again, Hope
germ Posted October 23, 2010 Posted October 23, 2010 Visit the link below: How to Secure Your Site Pay close attention to "SECURING THE ADMIN" - Yours is vulnerable. It's easier to do a few security fixes now than to clean up a hacked store later. And if you don't secure the admin your shop will be hacked AGAIN! It's just a question of when... :o I've said this to you more than once, and yet you've done nothing. Maybe you don't realize the necessity of fixing the situation. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
germ Posted October 24, 2010 Posted October 24, 2010 You can remove /catalog/stats1.php It's not a dangerous file in itself, rather a "marker" leftover from a previous hack. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
MrPhil Posted October 24, 2010 Posted October 24, 2010 Since you were badly hacked and have no idea what to do to clean up, do the following. Save your two "configure.php" files to the side, to use as templates for restoring your settings (they may have been corrupted themselves, unless they were "read only" protected). Erase every other file on your site, except for the product images. If you're not certain that a given image file (.gif, .jpg, .png, etc.) is product or osC, just leave it be. If you have any other files that you know you added, that need to be kept, and you know what's supposed to be in them, you can leave them (e.g., site control files such as robots.txt, favicon.ico, error documents, protected directory passwords, perhaps the .htaccess). Anything in the "public" directory tree (e.g., /home/USER/public_html/, the website's / directory) is potentially corrupted, if not "read only" (and if the hacker didn't have login access to your site). Anything "above" the website root should be safe, as it's not accessible from the Web (but should be treated as suspect if the hacker had login account and password). Be sure to erase everything else -- hackers may plant other files on your site. It's unlikely, though not impossible, that a hacker planted something in your database, but that's something you'll have to discover for yourself. Next, secure your hosting account. Change all site access passwords and FTP passwords. Scan all PCs used to access your site for administration purposes, for "spyware", especially keystroke loggers and password sniffers. Make sure they're clean. Change all passwords again if you had to clean out any spyware. Note that at this point, you can't yet change your admin account password (in the database), as there is no osC. Get the .zip file with the osC 2.2 RC2a install in it and unzip it to your site, in the same directory structure as before (e.g., make sure that if your store was in /catalog, that's where files get unzipped to). Or unzip on a PC and upload to the right place. If you had left the osC image files on the site, you can just ignore the warnings and overwrite them with fresh copies. Restore the configure.php files with the proper settings from the original ones (or even just copy them back over, if you're sure they're clean). You should now have a working, clean site. Follow all the security recommendations or you'll be hacked again. Change your admin account password, if it wasn't done already. Re-install any add-ons you wish to use, test your store, unprotect your site so that others can get to it, and you're in business.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.