Ian Lawther Posted February 7, 2011 Share Posted February 7, 2011 Someone has managed to get access to my website placing the message "DEATH_K1NG" against http://www.bagpipediscs.travelingpiper.com/ which is the subdomain where the store is housed. Customers are still able to get to the store as it is usually redirected from wwww.bagpipediscs.com . My webhosting company suggested taking down the whole site and I would like advice from other OsCommerce users about doing this. Has anyone else had such a problem and where do I start (well the first thing I did was back up the database) in fixing this. Ian Lawther Link to comment Share on other sites More sharing options...
Guest Posted February 7, 2011 Share Posted February 7, 2011 Ian, Follow these steps to clean and secure your website: 1) Lock down your site by using an .htaccess password so your customers are not attacked by the hackers code. 2) FTP all of the files to your local machine and use a program like WinGrep to identify and remove all malicious and anomalous files containing hacker code. 3) Delete the files on your hosting account before uploading the clean files. 4) FTP the clean files back to your hosting account and read and implement the security patches and contributions found in these two threads. Admin Security and Website Security. 5) Change all of your passwords: FTP, CPANEL, STORE ADMIN and DATABASE 6) Make sure File and Directory Permissions are set correctly. Directories no higher than 755, Files no higher than 644 and the TWO configure.php files no higher than 444 7) If your site has been 'black listed' as an attack site by Google, then log into Google Webmaster Tools and submit the site to be re-indexed and verified to be removed from the 'black list' 8) Remove the .htaccess password protection so your customers can resume making purchases from your website. 9) Monitor your website using the newly installed contributions to prevent future hacker attacks. 10) If you feel you can not perform any of the above steps, PM me for help, because if you miss any of these steps your site may remain accessible to the hacker. Chris Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.