I noticed that the hostingcompany domeneshop (www.domeneshop.no), will remove all oscommerce installations from their servers due to security issues.
"I senere tid har sikkerhetshull i osCommerce i økende og høy grad blitt utnyttet i automatisert angrep. Sikkerhetshullene brukes til skade på websidene som bruker osCommerce, angrep på besøkende på disse websidene, til spamming, og til angrep på andre websider og tjenester...."
in english:
Lately, an incrising number of automated attacks on osCommerce sites has been noticed. The security holes are beeing used to compromise the pages, for spam and for attackig other pages and services....
Comments on this issue? I know there is a number of security patches available but guess that most people are unable to apply these. Is this improved/removed with 2.3.1?
Latest News: (loading..)
0
4 replies to this topic
#2
Posted 09 February 2011, 23:52
Basics for osC 2.2 Design - Basics for Design V2.3+ - Seo & Sef Url's - Meta Tags for Your osC Shop - Steps to prevent Fraud... - MS3 and Team News... - SEO, Meta Tags, SEF Urls and osCommerce
Check out my profile [click here] for information on professional services, custom coding, templates, SEO optimization, modifications, commercial support and help.
Check out my profile [click here] for information on professional services, custom coding, templates, SEO optimization, modifications, commercial support and help.
#3
Posted 16 March 2011, 08:49
I have several installations of 2.2 RC2 - and every one of them is getting hacked regularly - I have a number of so-called security fixes, but they do not appear to help!
Earlier versions of OSC did not seem to suffer from hacking so much - and I am not inclined to continue using this software any longer as it is too troublesome. Personally I do not believe that a myriad of fixes should be needed to achieve a reasonable measure of security.
2.3.1 does not appear to embody any major security fixes as far as I can see - I have no further use for this software and there surely must be something better!
Earlier versions of OSC did not seem to suffer from hacking so much - and I am not inclined to continue using this software any longer as it is too troublesome. Personally I do not believe that a myriad of fixes should be needed to achieve a reasonable measure of security.
2.3.1 does not appear to embody any major security fixes as far as I can see - I have no further use for this software and there surely must be something better!
#4
Posted 16 March 2011, 13:12
flysouth, on 16 March 2011, 08:49, said:
I have several installations of 2.2 RC2 - and every one of them is getting hacked regularly - I have a number of so-called security fixes, but they do not appear to help!
Quote
Earlier versions of OSC did not seem to suffer from hacking so much - and I am not inclined to continue using this software any longer as it is too troublesome. Personally I do not believe that a myriad of fixes should be needed to achieve a reasonable measure of security.
Quote
2.3.1 does not appear to embody any major security fixes as far as I can see - I have no further use for this software and there surely must be something better!
Recommended SEO Addons:
Most Important: Header Tags SEO - Ultimate SEO V 2.2d
All SEO Addons: Recommended SEO Addons
Support Links:
Finding relevant link exchanges - Headers Already Sent - What does it cost? -What's my version? - How to change titles? - Preventing HotLinking
Most Important: Header Tags SEO - Ultimate SEO V 2.2d
All SEO Addons: Recommended SEO Addons
Support Links:
Finding relevant link exchanges - Headers Already Sent - What does it cost? -What's my version? - How to change titles? - Preventing HotLinking
#5
Posted 16 March 2011, 22:18
A good host would tell you what to do to remain secure, not tell you to bounce from software to software.
A similar post: http://forums.oscommerce.com/topic/372587-oscommerce-is-not-a-good-option/page__p__1572216#entry1572216
A similar post: http://forums.oscommerce.com/topic/372587-oscommerce-is-not-a-good-option/page__p__1572216#entry1572216
