JeffSimmons_23266 Posted February 22, 2011 Share Posted February 22, 2011 I've changed the admin folder name, cleaned files and folders i was advised to and i still keep getting this one error. I replace it with a new index.php, its fine when i go to bed but 7 hours later this error is back...can anyone help. P.S ive installed security pro and ip trap thanks jeff Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/missscar/public_html/index.php(1) : eval()'d code:37) in /home/missscar/public_html/includes/functions/sessions.php on line 102 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/missscar/public_html/index.php(1) : eval()'d code:37) in /home/missscar/public_html/includes/functions/sessions.php on line 102 Link to comment Share on other sites More sharing options...
Guest Posted February 23, 2011 Share Posted February 23, 2011 Jeff, It is obvious you have failed to remove the hackers backdoor and anomalous files. You must ensure ALL malicous code and anomalous files have been removed from the website. THEN, secure it. Chris ps. If you are using Wordpress on the same hosting account, you will also need to secure it. Visit the wordpress forums for information on how to secure that. Link to comment Share on other sites More sharing options...
JeffSimmons_23266 Posted February 23, 2011 Author Share Posted February 23, 2011 Chris is there someway or something to run that will tell me where these are? Ive gone to the index.php and session.php and cant seem to find anything. Thanks Jeff Jeff, It is obvious you have failed to remove the hackers backdoor and anomalous files. You must ensure ALL malicous code and anomalous files have been removed from the website. THEN, secure it. Chris ps. If you are using Wordpress on the same hosting account, you will also need to secure it. Visit the wordpress forums for information on how to secure that. Link to comment Share on other sites More sharing options...
Guest Posted February 23, 2011 Share Posted February 23, 2011 Jeff, Chris is there someway or something to run that will tell me where these are? Ive gone to the index.php and session.php and cant seem to find anything. The ONLY real way to identify and remove malicious code and anomalous files is to download the website to your local machine and use a program like WINGREP to search for common hacker code.(eval, base63, decode) Then, check each file manually for irregular code. Chris Link to comment Share on other sites More sharing options...
Fyod Posted February 23, 2011 Share Posted February 23, 2011 I have the same problem. I have a couple installations of osCom on one server, along with some WordPress installs and PHPBB. There are multiple .html files (86mb worth) in some weird folders. I also have weird files in the /images folder. I keep deleting them, but it's getting very annoying. Could someone please link to the WordPress security fix? Link to comment Share on other sites More sharing options...
Guest Posted February 23, 2011 Share Posted February 23, 2011 Wordpress Forums Chris Link to comment Share on other sites More sharing options...
JeffSimmons_23266 Posted February 23, 2011 Author Share Posted February 23, 2011 I have one wordpress blog and 3 oscommerce sites and only one site is being affected. I have installed the plugin bulletproof security and still the same problem I have the same problem. I have a couple installations of osCom on one server, along with some WordPress installs and PHPBB. There are multiple .html files (86mb worth) in some weird folders. I also have weird files in the /images folder. I keep deleting them, but it's getting very annoying. Could someone please link to the WordPress security fix? Link to comment Share on other sites More sharing options...
Guest Posted February 23, 2011 Share Posted February 23, 2011 3 oscommerce sites and only one site is being affected. I have installed the plugin bulletproof security and still the same problem Only 1 is being affected ? That only means the hacker has not got around to ripping apart the others yet. Bulletproof security, will do NOTHING to secure your oscommerce websites. I hope you didn't pay money for that. Back to basics......download ALL files to your local machine, use WINGREP to locate malicious code and anomalous files on your server. Clean and remove those files as necessary, apply ALL security patches and contributions, upload the clean copy back to your server and then reopen your site. Do this for ALL oscommerce sites on your hosting account. Also, read the Wordpress forum on security to secure that installation as well. Chris Link to comment Share on other sites More sharing options...
JeffSimmons_23266 Posted February 23, 2011 Author Share Posted February 23, 2011 The bulletproof security is for wordpress and for oscommerce ive installed iptrap and security pro..ive also added all turkey to my control panel IP ban....I did download and run that wingrep and nothing shows Only 1 is being affected ? That only means the hacker has not got around to ripping apart the others yet. Bulletproof security, will do NOTHING to secure your oscommerce websites. I hope you didn't pay money for that. Back to basics......download ALL files to your local machine, use WINGREP to locate malicious code and anomalous files on your server. Clean and remove those files as necessary, apply ALL security patches and contributions, upload the clean copy back to your server and then reopen your site. Do this for ALL oscommerce sites on your hosting account. Also, read the Wordpress forum on security to secure that installation as well. Chris Link to comment Share on other sites More sharing options...
Guest Posted February 23, 2011 Share Posted February 23, 2011 Jeff, I am out of suggestions for you. Perhaps someone else can offer some input, but honestly without seeing the files on the site, it will be difficult to ascertain the problem. Chris Link to comment Share on other sites More sharing options...
JeffSimmons_23266 Posted February 23, 2011 Author Share Posted February 23, 2011 Chris, I would be happy to give you any access you would need, I'm not really that versed in codes and all. I just try my best. Anything you would be willing to do I would really appreciate, maybe I'm not doing something right. my email is [email protected] if you think you can help by looking at my files Thank You Thank you Jeff Jeff, I am out of suggestions for you. Perhaps someone else can offer some input, but honestly without seeing the files on the site, it will be difficult to ascertain the problem. Chris Link to comment Share on other sites More sharing options...
Guest Posted February 23, 2011 Share Posted February 23, 2011 Jeff, I have corrected the errors on your site. You still had hacker code in the application_top.php Chris Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.