Jump to content


Corporate Sponsors


Latest News: (loading..)

- - - - -

Websites been hacked, question about a new installation

Started by themuir, Oct 21 2011, 14:34

  • You cannot reply to this topic
4 replies to this topic

#1 themuir

  • Community Member
  • 52 posts
  • Real Name:Thomas Muir

Posted 21 October 2011, 14:34

Hi there,

I have spent hours deleteing code and correcting pages but I just seem to be chasing my tail.

I wanted to do a fresh install of oscommerce. I have the database sql files.. is there a quick way to restore these into the new installation without uploading all the pages from the old site with the spyware and virus's included?

Please assist :-)

#2 DunWeb

  • Community Sponsor
  • 10,464 posts
  • Real Name:Chris Dunn
  • Gender:Male
  • Location:Tecumseh, Ontario, Canada N8N 1X8

Posted 21 October 2011, 14:49

Thomas,

If your site was Unmodified then you can just upload a fresh copy of osCommerce and connect it to the database. However, if the site had modifications then you cannot.

Further, you will need to check your database for malware. There have been reports of hackers loading malware into the database.

Chris
:|: Was this post helpful ? Click the LIKE THIS button :|:

:|: Click Here to learn how I can help you with custom coding, add ons, security and templates :|:

:|: Need an Area Calculator, Pre-Paid Account, Virtual Pin, Auction or Layaway Add on ? Click Here :|:

#3 themuir

  • Community Member
  • 52 posts
  • Real Name:Thomas Muir

Posted 21 October 2011, 15:18

Hi Chris, with regards to modifications what do you mean? Adding modules and stuff?

I'm probably a little over my head with this. I was only helping a friend out and have spent about a week chasing javascript codes and malware round.

Have you got any idea what I should be looking for as Im obviously missing stuff if it keeps coming back :-(

#4 themuir

  • Community Member
  • 52 posts
  • Real Name:Thomas Muir

Posted 21 October 2011, 15:23

Found a code in the ht access folder ... could be the issue .. will have a read how to lock the site down :-)

#5 Jack_mcs

  • Community Member
  • 24,453 posts
  • Real Name:Jack
  • Gender:Male

Posted 21 October 2011, 15:42

View Postthemuir, on 21 October 2011, 15:23, said:

Found a code in the ht access folder ... could be the issue .. will have a read how to lock the site down [img]http://forums.oscommerce.com//public/style_emoticons/default/whistling.gif[/img])
Just removing the changes the hacker has made usually won't do any good, as you've found out. If you are using a pre-2.3 version, then just replacing it with a new pre-2.3 version won't do you any good either since the original security issues would probably still be there. If you are using a pre-2.3 version and replace it with a 2.3 version, you have to start over completely (due to a poor design decision by the oscommerce team), or spend many hours getting it updated, assuming changes have been made to your original shop. So you need to first decide on what version of oscommerce you want to use. If pre-2.3, then you should apply the security cahnges mentioned in these forums to prevent this from hapenning again..
Recommended SEO Addons:
Most Important: Header Tags SEO - Ultimate SEO V 2.2d
All SEO Addons: Recommended SEO Addons

Support Links:
Finding relevant link exchanges - Headers Already Sent - What does it cost? -What's my version? - How to change titles? - Preventing HotLinking
Back to Security


  1. osCommerce Support Forum
  2. osCommerce Online Merchant v3.x
  3. Security
  4. Forum Rules