jimwin Posted March 22, 2011 Share Posted March 22, 2011 Hello osCommerce experts! I've been asked by a friend of mine to help out as his osCommerce site keeps getting hacked. Now I come from an IT background, mainly corporare Novell and Microsoft, but I've also "dabbled" in some php web applications like Joomla and SMF forums, so I thought I would be able to help him. The first thing I've noticed is that he is running V2.2 RC2, which I believe is what is causing him the problems. I've looked around the osCommerce site, and I was hoping for a simple upgrade path to get him up to date, but all I have found so far seems to be manually updating php code. I think this is going to be beyond my skill level, so I was wondering if there are any installation scripts or automated patching such as I am more familiar in the worlds of Joomla and SMF? I think if there is not, then I may have to refuse to help him. Thanks for looking! Link to comment Share on other sites More sharing options...
pdcelec Posted March 22, 2011 Share Posted March 22, 2011 Hello osCommerce experts! I've been asked by a friend of mine to help out as his osCommerce site keeps getting hacked. Now I come from an IT background, mainly corporare Novell and Microsoft, but I've also "dabbled" in some php web applications like Joomla and SMF forums, so I thought I would be able to help him. The first thing I've noticed is that he is running V2.2 RC2, which I believe is what is causing him the problems. I've looked around the osCommerce site, and I was hoping for a simple upgrade path to get him up to date, but all I have found so far seems to be manually updating php code. I think this is going to be beyond my skill level, so I was wondering if there are any installation scripts or automated patching such as I am more familiar in the worlds of Joomla and SMF? I think if there is not, then I may have to refuse to help him. Thanks for looking! In a word "No" although the manual updates are not difficult, time consuming yes, Link to comment Share on other sites More sharing options...
Guest Posted March 22, 2011 Share Posted March 22, 2011 Jim, His RC2 site would have to be updated to RC2a, and then updated to v2.3.1. As Paul mentioned, updates are time consuming and any contributions added to the website would also need to updated to be compatible with the newer versions. IMO, it is less time consuming and more economical to build a new website than it is to update an old site. Chris Link to comment Share on other sites More sharing options...
spw2000 Posted March 23, 2011 Share Posted March 23, 2011 His RC2 site would have to be updated to RC2a, and then updated to v2.3.1. As Paul mentioned, updates are time consuming and any contributions added to the website would also need to updated to be compatible with the newer versions. IMO, it is less time consuming and more economical to build a new website than it is to update an old site. Does anyone know of release 2.3.1 includes all the (anti-hacking) security fixes and patches as per the sercurity section of the forum??? Also - is there a note somewhere detailing the database differences between 2.2 qand 2.3.1 as a start from scratch (even if mods have to be reapplied) looks like a better option in he case of the site I am looking after. Link to comment Share on other sites More sharing options...
Guest Posted March 23, 2011 Share Posted March 23, 2011 Steffan, 2.3.1 incorporates the security patches recommended in the previous version, however it still requires the 5 'must have' security contributions described here. (be sure to use the 2.3.1 versions of those) The 2.3.1 download contains information in the /extras folder on how to update the database. Chris Link to comment Share on other sites More sharing options...
jimwin Posted March 23, 2011 Author Share Posted March 23, 2011 Thanks for the information guys, thats what I feared. I'm certainly not over-confident on making manual changes on what is essentially a live web shop at this point, so I'm going to have to give my friend the bad news, and see if he wants to do a clean, new site. Cheers, Jim Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.