Hello,
I want to share this with you and see what you think. I welcome any suggestions.
I have this oscommerce site (osCommerce 2.2-MS2) that I have been trying to upgrade because of the humongous number of hack attacks...
I have protected a directory and started working in another new version(osCommerce Online Merchant v2.2 RC2a) but since I have started the site that is online has continued to be hacked and now even the new version too.
I tried to ask the server for a solution and if they could trace where the attacks come from, but the only answer I could get from them is that OsCommerce is a CMS full of bugs, security holes and that they recommend me to switch to another CMS like: tommatocart, prestashop or magento, because the community is not what it used to be, because versions are never updated and lots of their clients have the same problems so they are migrating to other CMS, because the weaknesses are used to send spam, inject code etc...
So I would like to know your opinions about it.
Latest News: (loading..)
0
5 replies to this topic
#2
Posted 16 March 2011, 15:49
oscommerce is secure when set up correctly. I've used 2.2ms2 for 5 years and only had 1 problem recently to do with tell a friend being used for spam, I am now re building my shop on 2.3.1 which applied a lot of security patches. But even 2.3.1 needs to be set up correctly in order to be secure.
#3
Posted 16 March 2011, 17:49
Flip, on 16 March 2011, 15:36, said:
but the only answer I could get from them is that OsCommerce is a CMS full of bugs, security holes and that they recommend me to switch
This community has done lots of work to provide security solutions for both the cart and the server. Countless stores are operating online without being hacked because they have added the proper security measures.
Compared to the answer you got from your host?
Tim
#4
Posted 16 March 2011, 18:08
My hosts have just upgraded their fantasico install to 2.3.1 from 2.2.
If you follow the instructions in the security forum, your store should be secure. Your getting hacked because you have done nothing about your security, or you havent followed the posts correctly. You cant blame oscommerce for that.
If you follow the instructions in the security forum, your store should be secure. Your getting hacked because you have done nothing about your security, or you havent followed the posts correctly. You cant blame oscommerce for that.
REMEMBER BACKUP, BACKUP AND BACKUP
I am not a coder. OSC has a steep learning curve, but in general the program does work. If it doesnt work, the chances are it is something you have done.
I am not a coder. OSC has a steep learning curve, but in general the program does work. If it doesnt work, the chances are it is something you have done.
#5
Posted 16 March 2011, 22:12
If that is your hosts response for security, find a new host. *EVERY* open source cart is going to experience hacks. The more popular the software, the more prone to hacks it will be.
If the cart owner doesn't take the time to patch security holes or remain up to date, the onus is on the cart owner.
If it aint broke, don't fix it. 
The problem isn't oscommerce, it's the site owners and hosts for pushing these stupid ideas into peoples' head.
What will your hosts response be when your next cart is compromised?
If the cart owner doesn't take the time to patch security holes or remain up to date, the onus is on the cart owner.
Quote
because versions are never updated
The problem isn't oscommerce, it's the site owners and hosts for pushing these stupid ideas into peoples' head.What will your hosts response be when your next cart is compromised?
