Shuen Posted April 19, 2011 Share Posted April 19, 2011 The main page of my site has directly dump to a site called "Hack Haber classhaber". I checked the files everything seems OK, but I'm not able to go to the OSC admin page, It shows a 404 error. and the index page of OSC just jump to the "install" folder and shows a 500 error. (The install folder was already removed when I finish the OSC installation.) I'm afraid the hacker steal my database so I didn't upload the install folder to fix this problem. I already deleted all the mySQL data to keep all the infomations are in safe. Before I re-install my site, I have some question. I checked the .htaccess . It seems normal. I upload a new htaccess file, try to point the main page(www.pupapa.com)to the OSC folder. But It still jump to the hacker' site. Even I create a new folder and upload a blank index.html page, It still shows 404 error. How can they wound my domain name? and How Can I fix it? Link to comment Share on other sites More sharing options...
FIMBLE Posted April 19, 2011 Share Posted April 19, 2011 Best way is to delete the whole fileset, then upload fresh from a recent back up. Once this is done look at the pinned topic under security to secure you site. Nic Sometimes you're the dog and sometimes the lamp post [/url] My Contributions Link to comment Share on other sites More sharing options...
FIMBLE Posted April 19, 2011 Share Posted April 19, 2011 This one http://www.oscommerce.com/forums/topic/313323-how-to-secure-your-oscommerce-22-site/ Sometimes you're the dog and sometimes the lamp post [/url] My Contributions Link to comment Share on other sites More sharing options...
Shuen Posted April 19, 2011 Author Share Posted April 19, 2011 Thanks FIMBLE Before the "Hack Haber classhaber", I already used the Security Pro and make the htaccess protection. Link to comment Share on other sites More sharing options...
FIMBLE Posted April 19, 2011 Share Posted April 19, 2011 there must be a vunerability in your folders then, i do not see how hackers would gain access to your admin area if it is htaccess protected. another possibility is that the hack was there prior to these being installed, Nic Sometimes you're the dog and sometimes the lamp post [/url] My Contributions Link to comment Share on other sites More sharing options...
Taipo Posted April 19, 2011 Share Posted April 19, 2011 Before I re-install my site, I have some question. I checked the .htaccess . It seems normal. I upload a new htaccess file, try to point the main page(www.pupapa.com)to the OSC folder. But It still jump to the hacker' site. Even I create a new folder and upload a blank index.html page, It still shows 404 error. How can they wound my domain name? and How Can I fix it? You might need to check higher up in the directory hierachy. Check in the main user directory. For example if the path to your shop directory is /home/yourusername/public_html/shop then have a look in yourusername directory for htaccess files. - Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)- Another discussion about infected files ::here::- A discussion on file permissions ::here::- Site hacked? Should you upgrade or not, some thoughts ::here::- Fix the admin login bypass exploit here- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX Link to comment Share on other sites More sharing options...
Shuen Posted April 20, 2011 Author Share Posted April 20, 2011 Thanks for the response. I already asked the hosting company to clear everything of my account, included the username directory. But the result shows the index page of my site still affecting by the hacker, and I have no idea what can I do next... Link to comment Share on other sites More sharing options...
FIMBLE Posted April 20, 2011 Share Posted April 20, 2011 Have you made sure all the code has gone from your files? By the sounds of it the answer is no, you need to do this and then sceure your site properly. Also do as suggested above and check top levels for htaccess redirects Nic Sometimes you're the dog and sometimes the lamp post [/url] My Contributions Link to comment Share on other sites More sharing options...
Shuen Posted April 21, 2011 Author Share Posted April 21, 2011 Thanks Taipo and Fimble, My hosting just do a deep clear for me, and the problem is already solve. But I still have no idea which file cause the problem... and any suggestion to protect the files in the username directory? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.