Guest Posted September 30, 2010 Share Posted September 30, 2010 How can I test to see if my site is secure? Thanks, Heather Link to comment Share on other sites More sharing options...
a1200 Posted September 30, 2010 Share Posted September 30, 2010 Hi Heather, if you follow the guide on this thread you will have a much more secure site than a default osCommerce install. You can test a site by testing it thoroughly, especially for known vulnerabilities, as well as doing server checks, like checking what ports are open etc. Link to comment Share on other sites More sharing options...
Guest Posted September 30, 2010 Share Posted September 30, 2010 I have used most of the security suggestions from this thread. However I am I not able to use them all. Security Pro gave me errors so I had to uninstall that. And I also was not able to use all of the htaccess codes for the same reason. What are the known vulnerabilities? And how does one check which ports are open? Thanks again, Heather Hi Heather, if you follow the guide on this thread you will have a much more secure site than a default osCommerce install. You can test a site by testing it thoroughly, especially for known vulnerabilities, as well as doing server checks, like checking what ports are open etc. Link to comment Share on other sites More sharing options...
Mort-lemur Posted September 30, 2010 Share Posted September 30, 2010 Hi, Use an xss scanner such as Acunetix free edition and "google" Free McAfee PCI Scan which once registered allows you to run on demand PCI Scans on upto 6 domains. Thanks Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members. Link to comment Share on other sites More sharing options...
Guest Posted September 30, 2010 Share Posted September 30, 2010 I just did a quick site check and have found the following two files in my main directory: gog1kbhwe96y25.tmp and googlef1ab46d07785.php I don't recall these files being here before. So if they are hacker files then I was hacked AFTER using what security settings I could use. Link to comment Share on other sites More sharing options...
♥mdtaylorlrim Posted September 30, 2010 Share Posted September 30, 2010 I just did a quick site check and have found the following two files in my main directory: gog1kbhwe96y25.tmp and googlef1ab46d07785.php I don't recall these files being here before. So if they are hacker files then I was hacked AFTER using what security settings I could use. Look in the files and see what is in them. The *could* be files put there to verify to Google that you own the site. I would think you would remember if you did that. Anyone else help you out with SEO stuff? Community Bootstrap Edition, Edge Avoid the most asked question. See How to Secure My Site and How do I...? Link to comment Share on other sites More sharing options...
Guest Posted September 30, 2010 Share Posted September 30, 2010 I haven't done any SEO stuff yet as I want to be sure I am secure before I "go live". those files are not files that I added. Look in the files and see what is in them. The *could* be files put there to verify to Google that you own the site. I would think you would remember if you did that. Anyone else help you out with SEO stuff? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.