Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Oscommerce Russian Hacker


Micro_PHP

Recommended Posts

All dears

I m running and Oscommerce site.

Russian hackers can access my site and can change my ftp files like checkout_process.php. I replace it daily 3-4 times and deleted the modified file.

I checked the log files no access from FTP. Also I blocked any IP to access my server. But still they hack it via some faulty oscommerce codes in the files.

Any body can help and tell me what to do?

Link to comment
Share on other sites

Like I told you in chat, delete your entire site and restore from a good backup, then apply security measures. For 2.2 versions: http://www.oscommerce.com/forums/topic/313323-how-to-secure-your-oscommerce-22-site/ , for 2.3.1: http://www.oscommerce.com/forums/topic/375288-updated-security-thread/.

If you don't have a backup you need to clean your files manually. If you're unsure how to do that I suggest you hire a professional.

~ Don't mistake my kindness for weakness ~

Link to comment
Share on other sites

I checked the log files no access from FTP. Also I blocked any IP to access my server. But still they hack it via some faulty oscommerce codes in the files.

Any body can help and tell me what to do?

You should secure the site, as mentioned. But if you have blocked the IP's, they cannot gain access, even if the site is not secure. So my guess is that you have only blocked a few IP's you've seen. You should block the whole country. That won't prevent experienced hackers from getting non-Russian IP's and still getting in but it will stop many.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

If the hacker is getting in so quickly, even after you clean your site, one of two things has happened:

  1. Your host has a massive security breach, allowing a hacker to roam at will. Besides talking to your host, make sure your directory and file permissions do not enable "world" or even "group" to write to your site. Directories must be 755 and files 644 (444 for configure.php files). Depending on the server configuration, it is possible that for osC (PHP) to upload certain files, you may have to grant group write permissions (775/664) or even (gasp!) world write permissions (777/666) to specific directories or files that osC complains it can't write to. At the other extreme, until you get this sorted out, you could lock down your site completely by 555 directory permissions and 444 file permissions.
  2. The hacker has spyware on your PC, giving him your passwords. Do a thorough virus and spyware scan of all PCs used to administer your site. Then, regardless of the results, change every password you can think of -- site control panel, FTP, admin account and directory access protection, database, etc. Don't forget to update your configure.php files. Enable your PC's firewall so you will be made aware of future attempts of spyware to sneak out your passwords.

Link to comment
Share on other sites

1. hackers have placed some back door files. So the moment you clean they some how get idea and reload/modify file.

 

option:

1. Protect you site using htaccess first.

2. Then clean all sites and remove all unwanted files.

3. Add .htaccess to all images folders that will not allow php execution.

4. Check for eval function and make sure those are from ok code if any exist.

 

Now open your site( also make sure your admin folder is renamed and password protected.)

Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site.

 

Check My About US For who am I and what My company does.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...