Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Site hacked through images folder


strub

Recommended Posts

Hi,

 

One of my older site (OSC v2.2 RC2a)is still being hacked.

 

There are being uploaded very mysterious files to the images directory such as: allnet.php, dvd.php, indo.php and so on.

 

 

Now, I have deleted filemanager as well as define_language.php. Furthermore, I have made a .htaccess password file for the admin. Lastly I added a .htaccess file for the images directory like this:

 

# Prevent directory listing
IndexIgnore *
Options All -Indexes

# Secure directory by disabling script execution
AddHandler cgi-script .php .php2 .php3 .php4 .php5 .php6 .php7 .php8 .pl .py .jsp .asp .htm .html .shtml .sh .cgi
Options -ExecCGI
<Files ~ "\.(php*|s?p?html|cgi|pl)$">
deny from all
</Files>

# Don't show this file
<Files .htaccess>
order allow,deny
deny from all
</Files>

# Force download
<Files *.*>
 ForceType application/octet-stream
#  Header set Content-Disposition attachment
</Files>

 

But they still upload these files after some hours. Did I miss something? Thanks in advance.

Link to comment
Share on other sites

More than likely, they have uploaded a backdoor to your server that is allowing unrestricted access. I suggest looking for and removing malicious code and anomalous files from your server.

 

 

 

 

 

Chris

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...