Jump to content


Corporate Sponsors


Latest News: (loading..)

* * * * * 1 votes

How to prevent hackers in Osc 2.1 and Osc 2.2

Started by web-seo, Aug 26 2011, 08:26

5 replies to this topic

#1 web-seo

  • Community Member
  • 4 posts
  • Real Name:3D Web Design
  • Gender:Male
  • Location:Sofia

Posted 26 August 2011, 08:26

Some free tips from me:

1. Password protect admin folder
2. Delete (or rename) files: admin/define_language.php and admin/file_manager.php
3. Add this code to your htaaccess at top (after Options +FollowSymLinks): 

Options +FollowSymLinks -Indexes
RewriteEngine On 
RewriteBase /

#Remote File Inclusion Protection
RewriteCond %{QUERY_STRING} ^.*=(ht)|(f)+(tp)+(://|s://)+.*(\?\?)+
RewriteRule .* http://frost.de/trap.php [R,L]

#XSS Protection
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ 404.shtml [F,L]
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]

# Block Bad Bots
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule .* - [F]


If you want more tips like this, just post your question in this topic :)

Edited by web-seo, 26 August 2011, 08:27.

#2 GemRock

  • Community Member
  • 2,069 posts
  • Real Name:Ken
  • Gender:Male
  • Location:UK

Posted 26 August 2011, 12:11

4. waste forum space so that hackers/spamers get lost...
commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile).
over 20 years of computer programming experience.

#3 DunWeb

  • Community Sponsor
  • 10,423 posts
  • Real Name:Chris Dunn
  • Gender:Male
  • Location:Tecumseh, Ontario, Canada N8N 1X8

Posted 26 August 2011, 13:50

Making redundant posts on the forum as a ploy to advertise your company on this forum will surely NOT receive the positive attention that you are aiming for. The above information and MORE can already be found in the Security Forum.



Chris
:|: Was this post helpful ? Click the LIKE THIS button :|:

:|: Click Here to learn how I can help you with custom coding, add ons, security and templates :|:

:|: Need an Area Calculator, Pre-Paid Account, Virtual Pin, Auction or Layaway Add on ? Click Here :|:

#4 web-seo

  • Community Member
  • 4 posts
  • Real Name:3D Web Design
  • Gender:Male
  • Location:Sofia

Posted 26 August 2011, 14:07

DunWeb, i dont want to advertise my company in any way. This piece of two lines in htaaccess (at top - RFI) block more than 100 exploits for these versions and make un-neccessary many addons for OSC. Why modify old versions of OSC if this is only 2 minutes fix?

Excuse me, but this code is not copied from this forum, we do this from 3-4 year ;)

I am new here, so just tell me where is Security Forum or maybe move topic if not in right place?

Edited by web-seo, 26 August 2011, 14:12.

#5 DunWeb

  • Community Sponsor
  • 10,423 posts
  • Real Name:Chris Dunn
  • Gender:Male
  • Location:Tecumseh, Ontario, Canada N8N 1X8

Posted 26 August 2011, 14:19

Excuse me ?


You already posted information on the security forum that refers to this posting. So, not only did you post redundant information, but you cross posted it.


Since you are knew to this forum, you should take a few moments to review forum policy.



Chris
:|: Was this post helpful ? Click the LIKE THIS button :|:

:|: Click Here to learn how I can help you with custom coding, add ons, security and templates :|:

:|: Need an Area Calculator, Pre-Paid Account, Virtual Pin, Auction or Layaway Add on ? Click Here :|:

#6 web-seo

  • Community Member
  • 4 posts
  • Real Name:3D Web Design
  • Gender:Male
  • Location:Sofia

Posted 29 August 2011, 07:19

DunWeb, do i know you and why pick on me?

I see now forum security but i dont have permission to move topic. I have read forum rules. Please, say me if I'm wrong with some of these rules.

Quote

... as a ploy to advertise your company

Please, say me: where You have found advertising in my post?

And about redundant posts, please, check this link. I just not find this information in forum.


P.S. To all mods: Sorry for offtopic.
Back to Tips and Tricks · Next Unread Topic →


  1. osCommerce Support Forum
  2. osCommerce Online Merchant v2.x
  3. Tips and Tricks
  4. Forum Rules