Today one of my customers told me that we show their info to other people...
This is what my customer told me: "I received a phone call from a man who has logged onto your site and my details came up so he rang me to tell me and that's how he got my WHAT HAPPEN ? someone else can access my details ?"
I have no idea what happened, can anyone help?
Thanks
people login to other's account
Started by bsonhome, Nov 03 2009, 19:13
4 replies to this topic
#1
Posted 03 November 2009, 19:13
#2
Posted 03 November 2009, 21:08
bsonhome, on 03 November 2009, 19:13, said:
Today one of my customers told me that we show their info to other people...
This is what my customer told me: "I received a phone call from a man who has logged onto your site and my details came up so he rang me to tell me and that's how he got my WHAT HAPPEN ? someone else can access my details ?"
I have no idea what happened, can anyone help?
Thanks
If so check the forum for a solution.
"If you're working on something new, then you are necessarily an amateur."
#3
Posted 04 November 2009, 00:46
I think you might need to read this post:
http://forums.oscommerce.com/topic/330479-what-is-the-oscsid-why-you-must-not-loose-it/
"Clearly to ensure proper working of the above you must ensure no links to your site contain a sid either within search engines index (Prevent Spider Sessions), other sites linking to you or any links within your own site. If this does occur you can get users finding they are accessing another's account, orders getting mixed up and even billing going awry. There is a new tag (canonical) which could help you avoid this problem with search engines, though you must avoid this problem occurring in the first place."
Tim
How to secure your site. A must read
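As an added example (not code from this thread or from osCommerce): the quoted warning about links carrying a sid can be checked against a web server access log by looking for one osCsid value that arrives from more than one client. It assumes Apache "combined" log format; the log lines and the host name shop.example are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse, parse_qs

# Constructed sample lines in Apache "combined" format (not taken from the thread).
SAMPLE_LOG = """\
203.0.113.5 - - [03/Nov/2009:18:02:11 +0000] "GET /account.php?osCsid=aaa111 HTTP/1.1" 200 5120 "http://shop.example/index.php" "Mozilla/5.0 (Windows)"
198.51.100.9 - - [03/Nov/2009:18:40:37 +0000] "GET /account.php?osCsid=aaa111 HTTP/1.1" 200 5120 "http://search.example/?q=shop" "Mozilla/5.0 (Macintosh)"
192.0.2.44 - - [03/Nov/2009:18:41:02 +0000] "GET /index.php?osCsid=bbb222 HTTP/1.1" 200 2048 "-" "Mozilla/5.0 (X11)"
192.0.2.44 - - [03/Nov/2009:18:41:30 +0000] "GET /product_info.php?products_id=7&osCsid=bbb222 HTTP/1.1" 200 4096 "http://shop.example/index.php?osCsid=bbb222" "Mozilla/5.0 (X11)"
"""

# client IP, request path, referer, user agent
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" \d+ \S+ "([^"]*)" "([^"]*)"')

def sid_of(url, param="osCsid"):
    """Return the session id carried in the URL's query string, or None."""
    values = parse_qs(urlparse(url).query).get(param)
    return values[0] if values else None

def shared_sessions(log_text, site_host="shop.example"):
    """Map each session id seen from more than one (IP, user agent) pair to
    those clients and to any off-site referers that delivered the link."""
    clients = defaultdict(set)
    external = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ip, path, referer, agent = m.groups()
        sid = sid_of(path)
        if sid is None:
            continue
        clients[sid].add((ip, agent))
        ref_host = urlparse(referer).hostname  # None for "-" or an empty referer
        if ref_host and ref_host != site_host:
            external[sid].add(ref_host)
    return {sid: {"clients": sorted(seen),
                  "external_referers": sorted(external[sid])}
            for sid, seen in clients.items() if len(seen) > 1}

if __name__ == "__main__":
    for sid, info in shared_sessions(SAMPLE_LOG).items():
        print(sid, info)
```

A customer whose IP address changes during a visit will also be flagged, so treat hits as leads to review; a hit with an off-site referer is the stronger sign that a link containing the sid is in circulation.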
#4
Posted 08 November 2009, 20:06
Thanks, everyone.
Luckily it only happened once,
now I just delete that customer account,
and do nothing. I hope this does not happen again.
And thanks for the link, but I do not know much about scripts, so I may not do anything now.
Thanks
#5
Posted 08 November 2009, 22:53
bsonhome, on 08 November 2009, 20:06, said:
Thanks, everyone.
Luckily it only happened once,
now I just delete that customer account,
and do nothing. I hope this does not happen again.
And thanks for the link, but I do not know much about scripts, so I may not do anything now.
Thanks
Not a good idea, if it happened once it will happen again, check at least your admin settings are correct.
Sam
Remember, what you think I meant may not be what I thought I meant when I said it.
Contributions:
Auto Backup your Database, Easy way
Multi Images with Fancy Pop-ups, Easy way
Products in columns with multi buy etc etc
Disable any Category or Product, Easy way
Secure & Improve your account pages et al.