Jump to content

Archived

This topic is now archived and is closed to further replies.

alwaysstressed

constantly hacked by team mosta

Recommended Posts

hi

i have been hacked 4 times by this awful team. This time i have an intact database and i have uploaded the new index pages however there seems to be a loop that sends the link from index to store straight to mostas home page.

can anyone help me please??

thankyou

Share this post


Link to post
Share on other sites

Take a look at any redirect rules in your .htaccess file.

If that does not work, find someone to cleanse and lock-down your site.


Help shape the future of Phoenix; join the Phoenix Club

Share this post


Link to post
Share on other sites

hi

it was a duplicate post as i am working on 2 not 3. Thanks for your response i have it back online and i shall check the ht access file as you have suggessted. This is the second time he has hacked the same shop. apparently there is a vulnerability in oscommerce? will there be a patch at any time ?

thanks again for your reply

Share this post


Link to post
Share on other sites

Patches have been available for a very long time (years in fact). There is a security thread that you can follow. If you are unsure, then contact a forum member who is more than just a "mouth" and get professional help (obviously, expect to pay for it).

 

As an aside, and not aimed at you, but at all shop owners; I have noticed that once set up, most shop owners do not bother to keep on top of updates and other released code etc. It's something that needs to be addressed - but I'm not quite sure the right way to go about it. Any ideas? I can keep blogging, tweeting and posting about security until I am blue in the face, but very few people take notice so long as their shop is working ok.

 

Put bluntly, it's a matter of WHEN, not IF, you get hacked if you do not make security changes.


Help shape the future of Phoenix; join the Phoenix Club

Share this post


Link to post
Share on other sites

I have noticed that once set up, most shop owners do not bother to keep on top of updates and other released code etc. It's something that needs to be addressed - but I'm not quite sure the right way to go about it. Any ideas? I can keep blogging, tweeting and posting about security until I am blue in the face, but very few people take notice so long as their shop is working ok.

 

Put bluntly, it's a matter of WHEN, not IF, you get hacked if you do not make security changes.

 

some open source solutions for things like e commerce, cms, forums, etc etc have an auto update feature. just how you could do this with oscommerce because of contributions and modifications is beyond me though :(

 

big red flashy text that reads "security update available - instal NOWWWWWWWWWW!" would probably get them to click and update :D

 

also id hate to think that some store owners/coders are not putting in security updates so the customer has to get the origonal coder to fix it..... at a cost of course

Share this post


Link to post
Share on other sites
I have noticed that once set up, most shop owners do not bother to keep on top of updates and other released code etc. It's something that needs to be addressed - but I'm not quite sure the right way to go about it.

 

As a freelancer, who pays for the security updates. My clients are low-budget affairs, which most OSC owners seem to be, so don't have the budget for updates. I am not willing to work for free, but will be considered at fault if the site is hacked. Its a tough sell to some one to say that they might get hacked when they reply with "why did you recommend that system then?". A shame-faced "Hackers are smarter than me" never goes over well. :blush: :'(

 

r

Share this post


Link to post
Share on other sites

As a freelancer, who pays for the security updates. My clients are low-budget affairs, which most OSC owners seem to be, so don't have the budget for updates. I am not willing to work for free, but will be considered at fault if the site is hacked. Its a tough sell to some one to say that they might get hacked when they reply with "why did you recommend that system then?". A shame-faced "Hackers are smarter than me" never goes over well. :blush: :'(

 

r

 

its not that they are smarter than you and its not because of oscommerce its because hackers, no matter what software, will try to hack ANYTHING. no software is exempt from a hacker. this is what i say

Share this post


Link to post
Share on other sites

×