expresshost Posted July 23, 2010

OK, I have been using OSC for years and have never seen so many attempts lately. Just thought I would post this, as I was looking at my logs when in real time this was happening to one of my carts.

Saw this coming in, and they search for the /admin/login.php file:

http://www.google.com/search?q=allinurl:/product_info.php%3Fproducts_id%3D+%22order%22&hl=en&ei=w7JJTNqVEsK88gb2mpSDDw&start=140&sa=N

They are searching Google and looking for all sites that have not changed the admin directory.

Here is the IP they used: 113.169.107.29

All they got was a 404 since I changed my admin directory. But what I did is change it back to admin after I blocked the whole class A IP space. You would be surprised what I found; they could have any info, including your customers' CC#.

Try it, you will be shocked.

http://mydomain.com/store/admin/orders.php/login.php?page=1&oID=165&action=edit

expresshost Posted July 23, 2010 (Author)

I should have said, just change the domain name and directory to where your cart is in the link above. Good luck.

Guest Posted July 23, 2010

Dave,

This would also help the admin area: http://www.oscommerce.com/forums/index.php?showtopic=340995

Chris

expresshost Posted July 24, 2010 (Author)

Hi Chris,

Thanks... I will add the extra layer for .htaccess

Dave

Archived
This topic is now archived and is closed to further replies.
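
For checking your own logs for the request shape posted in this thread (`/login.php` appended after another admin script, as in `orders.php/login.php`), here is an added example that is not part of the original posts. It assumes Apache/Nginx combined log format; the sample log lines and the function name `find_appended_login` are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Combined log format: ip - - [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# A PHP script followed by extra path info ending in login.php,
# e.g. /store/admin/orders.php/login.php (the URL shape from the thread).
SHAPE_RE = re.compile(r'/(?P<script>[^/]+\.php)/login\.php$', re.IGNORECASE)

# Constructed sample lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [23/Jul/2010:10:15:02 +0000] "GET /store/admin/orders.php/login.php?page=1&oID=165&action=edit HTTP/1.1" 200 5123 "-" "-"',
    '203.0.113.7 - - [23/Jul/2010:10:15:04 +0000] "GET /admin/login.php HTTP/1.1" 404 209 "-" "-"',
    '198.51.100.20 - - [23/Jul/2010:10:16:11 +0000] "GET /store/product_info.php?products_id=12 HTTP/1.1" 200 8441 "-" "-"',
    '198.51.100.9 - - [23/Jul/2010:10:17:30 +0000] "GET /admin/customers.php/login.php HTTP/1.1" 404 209 "-" "-"',
]

def find_appended_login(lines):
    """Return one record per request whose path is <script>.php/login.php."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line
        # Look only at the decoded path; the query string is ignored.
        path = unquote(urlsplit(m.group("target")).path)
        shape = SHAPE_RE.search(path)
        if not shape:
            continue
        status = int(m.group("status"))
        hits.append({
            "ip": m.group("ip"),
            "script": shape.group("script"),
            "status": status,
            # 2xx/3xx means the server answered the request: review first.
            "served": 200 <= status < 400,
        })
    return hits

if __name__ == "__main__":
    for hit in find_appended_login(SAMPLE_LOG):
        flag = "REVIEW" if hit["served"] else "blocked"
        print(f'{flag:8} {hit["ip"]:15} {hit["script"]} -> {hit["status"]}')
```

Hits with `served` set are the ones to review first; a 404, like the one described in the first post, shows up as blocked.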