Jump to content
Sign in to follow this  
marvinlange

Unknown Cause of error

Recommended Posts

I suspect you have installed ip trap & have errors with that.


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

Hi Marvin,

 

 

I just went through a test order on your site and DID NOT find anything unusual about the transaction.

 

I placed an order for :Notebook Case Empire 17in, chose to create an account, chose to pay with money order and found no problems at all.

 

 

 

HOWEVER, You should read the thread on how to secure your site.

 

http://forums.oscommerce.com/topic/313323-how-to-secure-your-site/page__st__260__p__1467163__hl__security%20spooks__fromsearch__1entry1467163

 

 

 

The layout and design of the site is good, the security is POOR.

 

 

 

Chris


:|: Was this post helpful ? Click the LIKE THIS button :|:

 

See my Profile to learn more about add ons, templates, support plans and custom coding (click here)

Share this post


Link to post
Share on other sites

Anyone have any Ideas I'M loosing business I dont normaly post my domain but if you go to http://www.comtekcomputers.com

 

and search for router

then try and add it to the cart you will get this error every time

 

I dont even know were to start to look

Try some proper tests and report back. I do not get the error when I do as you say.


The Coopco Underwear Shop

 

If you live to be 100 years of age, that means you have lived for 36,525 days. Don't waste another, there aren't many left.

Share this post


Link to post
Share on other sites

I made this change and my ( Your IP has Been Logged ) Message went away but did I remove the security by doing this ?

 

find

RewriteCond %{QUERY_STRING} (;|'|"|%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if).* [NC]

 

im no expert in this but did ask on expert exchange what was causing the problem and above is what they recommended

 

and replace with

RewriteCond %{QUERY_STRING} (;|'|"|%22).*(union|select|insert|drop|update|md5|benchmark).* [NC]

 

file uploaded says the same thing

 

here is the post http://addons.oscommerce.com/info/6044

Share this post


Link to post
Share on other sites

Try some proper tests and report back. I do not get the error when I do as you say.

 

I'm sorry I was up all night last night trying to find out what was causing it and when I changed it the error went away it was 100% because I remoted into several different computers that I remotely manage with completely different ISP's and IP's I got the same error but after changing the code below it went away. And I was to exhausted. to come post my findings before you checked. Sorry:(

 

find

RewriteCond %{QUERY_STRING} (;|'|"|%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if).* [NC]

 

im no expert in this but did ask on expert exchange what was causing the problem and above is what they recommended

 

and replace with

RewriteCond %{QUERY_STRING} (;|'|"|%22).*(union|select|insert|drop|update|md5|benchmark).* [NC]

Share this post


Link to post
Share on other sites

I suspect you have installed ip trap & have errors with that.

 

Is it Necessary to rename the admin folder if you have it password protected via Cpanel ?

Share this post


Link to post
Share on other sites

Is it Necessary to rename the admin folder if you have it password protected via Cpanel ?

If you do not rename the folder and make the necessary changes in the admin configure.php file, you will get hacked for sure.


The Coopco Underwear Shop

 

If you live to be 100 years of age, that means you have lived for 36,525 days. Don't waste another, there aren't many left.

Share this post


Link to post
Share on other sites

Done thank you everything seems to still be working as well :)

 

 

Coopco

Do you think the change I maid to the httacsess file disables the security ?

I have no idea, no expertise about htaccess. Any additional level of security that does not kill your site is good. There are a few addons that address htaccess.

 

BTW, I have had 4 hack attempts since my last post here. They were trying to access the admin directory and are now banned.


The Coopco Underwear Shop

 

If you live to be 100 years of age, that means you have lived for 36,525 days. Don't waste another, there aren't many left.

Share this post


Link to post
Share on other sites

Hey now that I know were the log is I see that their are a bunch of IP's band and some are recent so I'm Pretty sure my htaccess. is up to par I also Implemented almost all the the ones that that forum recommended and even found I had some of them already installed they were just turned off because I did not know any better. But Thanks to woulderful People like your self that are willing to help I'm feeling much better now.

Have a Merry Christmas !!! rolleyes.giflaugh.gifthumbsup.gif

Thanks

Marvin

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×