Hi,
I have Linux server.
I have build http://sunrosefashions.com/ this site in oscommerce version v2.0
i am scared, i didnt get how some one access my db even though my server doesn't allow for remote access.
Also write some encrypted data files on root and images folder. Specialy it updated the filed name STORE_NAME in configure table.
when i update the field value in configure table after 1 or 2 days again it get updated by virus scipt.
Can some one help to solve this?
Thanks & regards,
Anil
Latest News: (loading..)
0
os commerce version 2.0 database access to other
Started by anils2986, Oct 03 2011, 13:51
virus updated configure table
3 replies to this topic
#2
Posted 03 October 2011, 14:19
Basics for osC 2.2 Design - Basics for Design V2.3+ - Seo & Sef Url's - Meta Tags for Your osC Shop - Steps to prevent Fraud... - MS3 and Team News... - SEO, Meta Tags, SEF Urls and osCommerce
Check out my profile [click here] for information on professional services, custom coding, templates, SEO optimization, modifications, commercial support and help.
Check out my profile [click here] for information on professional services, custom coding, templates, SEO optimization, modifications, commercial support and help.
#3
-
- Community Sponsor
-
- 10,466 posts
- Real Name:Chris Dunn
- Gender:Male
- Location:Tecumseh, Ontario, Canada N8N 1X8
Posted 03 October 2011, 14:38
Follow these steps to clean and secure your website:
1) Lock down your site by using an .htaccess password so your customers are not attacked by the hackers code.
2) FTP all of the files to your local machine and use a program like WinGrep to identify and remove all malicious and anomalous files containing hacker code. Look for keywords such as 'base64','eval','decode'.
3) Delete the files on your hosting account before uploading the clean files.
4) FTP the clean files back to your hosting account and read and implement the security patches and contributions found in these two threads. Admin Security and Website Security.
5) Change all of your passwords: FTP, CPANEL, STORE ADMIN and DATABASE
6) Make sure File and Directory Permissions are set correctly. Directories no higher than 755, Files no higher than 644 and the TWO configure.php files no higher than 444
7) If your site has been 'black listed' as an attack site by Google, then log into Google Webmaster Tools and submit the site to be re-indexed and verified to be removed from the 'black list'
8) Remove the .htaccess password protection so your customers can resume making purchases from your website.
9) Monitor your website using the newly installed contributions to prevent future hacker attacks.
10) If you feel you can not perform any of the above steps, you should seek professional help to ensure all malware is removed.
Chris
1) Lock down your site by using an .htaccess password so your customers are not attacked by the hackers code.
2) FTP all of the files to your local machine and use a program like WinGrep to identify and remove all malicious and anomalous files containing hacker code. Look for keywords such as 'base64','eval','decode'.
3) Delete the files on your hosting account before uploading the clean files.
4) FTP the clean files back to your hosting account and read and implement the security patches and contributions found in these two threads. Admin Security and Website Security.
5) Change all of your passwords: FTP, CPANEL, STORE ADMIN and DATABASE
6) Make sure File and Directory Permissions are set correctly. Directories no higher than 755, Files no higher than 644 and the TWO configure.php files no higher than 444
7) If your site has been 'black listed' as an attack site by Google, then log into Google Webmaster Tools and submit the site to be re-indexed and verified to be removed from the 'black list'
8) Remove the .htaccess password protection so your customers can resume making purchases from your website.
9) Monitor your website using the newly installed contributions to prevent future hacker attacks.
10) If you feel you can not perform any of the above steps, you should seek professional help to ensure all malware is removed.
Chris
:|: Was this post helpful ? Click the LIKE THIS button :|:
:|: Click Here to learn how I can help you with custom coding, add ons, security and templates :|:
:|: Need an Area Calculator, Pre-Paid Account, Virtual Pin, Auction or Layaway Add on ? Click Here :|:
:|: Click Here to learn how I can help you with custom coding, add ons, security and templates :|:
:|: Need an Area Calculator, Pre-Paid Account, Virtual Pin, Auction or Layaway Add on ? Click Here :|:
