Latest News: (loading..)

mghay

Member Since 04 Mar 2009
Offline Last Active Apr 02 2012, 13:20

Find content

Community Stats

Group Community Member
Active Posts 34 (0.03 per day)
Most Active In General Add-Ons Support (19 posts)
Profile Views 3,863
Age Age Unknown
Birthday Birthday Unknown
Real Name
Mike Haylett
Gender
Not Telling

Contact Information

0 Neutral

Friends

mghay hasn't added any friends yet.

Latest Visitors

allenbrothers
05 May 2010, 22:56
bhavatmaj
04 May 2009, 10:25

Topics I've Started

PayPal page security problem

02 April 2012, 13:19

Hi, Placing this post here instead of under 'Security' to get maximum exposure of a hack threat which I have experienced.

Customers started to abandon sales at the PayPal checkout point but none would explain why.

Investigation showed that instead of an https paypal page I had this insecure page:

http://www."myshopname.com"/ext/modules/payment/paypal/webscr.php?cmd=flow

and this was a copy of the PayPal credit card data entry page, not the first PayPal payment page.

The webscr.php was a new file inserted at that location and the file catalog/includes/modules/payment/paypal_standard.php had been replaced.

I have SiteMonitor installed but that didn't indicate any problems.

Time to invest in more security!

Admin page timeout - possible to alter?

23 September 2011, 15:29

Hi,
V2.2 installed and works fine.
The admin page timesout after a few minutes of inactivity and requires a fresh login action - no problems there. But is it posssible to adjust the timeout point? If so, where?
I have found $SESS_LIFE=1440 in sessions.php but if this is the correct parameter, approx how long does 1440 equate to in mins/secs and is this a common parameter for all sessions (i.e. customer logins as well)?
Thanks,
Mike