tinhyeuon Posted January 9, 2011 Share Posted January 9, 2011 Please help me, When I use osCommerce, I do not understand my site, it automatically runs to the site: zxsoftpromo.ru /, bepersonal-guard.in /, etymeri.ru /. it is toxic, but google it the site warns. What do I do, when I checked there is no link in the code to my site. Thank you Link to comment Share on other sites More sharing options...
Guest Posted January 9, 2011 Share Posted January 9, 2011 Please help me, When I use osCommerce, I do not understand my site, it automatically runs to the site: zxsoftpromo.ru /, bepersonal-guard.in /, etymeri.ru /. it is toxic, but google it the site warns. What do I do, when I checked there is no link in the code to my site. Thank you Follow these steps to clean and secure your website: 1) Lock down your site by using an .htaccess password so your customers are not attacked by the hackers code. 2) FTP all of the files to your local machine and use a program like WinGrep to identify and remove all malicious and anomalous files containing hacker code. 3) Delete the files on your hosting account before uploading the clean files. 4) FTP the clean files back to your hosting account and read and implement the security patches and contributions found in these two threads. Admin Security and Website Security. 5) Change all of your passwords: FTP, CPANEL, STORE ADMIN and DATABASE 6) Make sure File and Directory Permissions are set correctly. Directories no higher than 755, Files no higher than 644 and the TWO configure.php files no higher than 444 7) If your site has been 'black listed' as an attack site by Google, then log into Google Webmaster Tools and submit the site to be re-indexed and verified to be removed from the 'black list' 8) Remove the .htaccess password protection so your customers can resume making purchases from your website. 9) Monitor your website using the newly installed contributions to prevent future hacker attacks. 10) Seek out experienced help if you feel you can not perform any of the above steps. If you miss any of these steps your site may remain accessible to the hacker. Chris Link to comment Share on other sites More sharing options...
esm Posted January 10, 2011 Share Posted January 10, 2011 I have the same problem. My index.html as well as the index.php file are wiped out and their content is replaced with a weird javascript. When I try to run WinGrep, it asks me to enter a "search string". How am I supposed to know that? Thanks, Ed Link to comment Share on other sites More sharing options...
Procommerce Posted January 10, 2011 Share Posted January 10, 2011 That was a fast and accurate reply from Chris! Liked this very much: 10) Seek out experienced help if you feel you can not perform any of the above steps. If you miss any of these steps your site may remain accessible to the hacker. Providing Ecommerce & CRM Solutions since 1995 Vote my post up if you found it usefull Link to comment Share on other sites More sharing options...
Guest Posted January 10, 2011 Share Posted January 10, 2011 Ed, If you are using wingrep, try the search string eval base64 which is the most common encryption used by hackers. There are others but that is a good place to begin. Chris Link to comment Share on other sites More sharing options...
esm Posted January 10, 2011 Share Posted January 10, 2011 To Chris: Thanks for the input. I ran "eval base64" through WinGrep and it did not return any results. Yet somehow, whenever I fix the two wiped out files (index.html, index.php) the website/cart is accessable for a day, then they are wiped out again the next day. What should I do next? To ProCommerce: This is a help forum, right? It exists so newbies like myself can ask for help? How was your post "10) Seek out experienced help if you feel you can not perform any of the above steps" helpful? Why did you bother to post in the first place if you don't have any meaningful contribution to make? Link to comment Share on other sites More sharing options...
Guest Posted January 10, 2011 Share Posted January 10, 2011 Ed, That can only mean that the hacker has placed a backdoor on your site. Although he did not encrypt any code using eval base64, he undoubtedly has access using an anomalous file. As for Procommerce, you will have to forgive him, he has been dredging for new clients here for about a month and seems to be showing signs of desperation now. Chris Link to comment Share on other sites More sharing options...
Procommerce Posted January 11, 2011 Share Posted January 11, 2011 Hey chris, that comment was not so nice! Hey ESM, you joined 6 years ago... you are still a newbie? c'mon! Anyways, will try to set this clear... Esm, sorry if my comment bothered you, found little to add to chris CTRL+V speech and was trying to be funny, sorry again. Chris, thanks for the "desperate" input, guess you are reflecting your own feelings... like the fear of knowing new peolple where YOU look for clients aswell... As a helpful comment.... for what i read, ESM, if you dont find the Eval thing try with "iframe".... Try to upload aclean copy of an htaccess. Providing Ecommerce & CRM Solutions since 1995 Vote my post up if you found it usefull Link to comment Share on other sites More sharing options...
Guest Posted January 11, 2011 Share Posted January 11, 2011 Procommerce, 90% of my 5000+ posts are to help others with their problems. However, there are some that need to contact experienced uses to help them and I offer that service. If my previous post offended you, I am very sorry but your post intention was obvious to the OP and myself and quite frankly someone needed to say it, so I did. If you offer good quality advice and professional services the clients will come to you, you don't have to 'sell' yourself here. Chris Link to comment Share on other sites More sharing options...
Procommerce Posted January 11, 2011 Share Posted January 11, 2011 Well, for the sake of this post, i will say something usefull... Dear tinhyeuon, can you tell what is the actual content of your htaccess file? Dunweb, go to the shrink, you are projecting...... (a psychological defense mechanism where a person unconsciously denies their own attributes) Providing Ecommerce & CRM Solutions since 1995 Vote my post up if you found it usefull Link to comment Share on other sites More sharing options...
Guest Posted January 11, 2011 Share Posted January 11, 2011 I digress, you're right, I am wrong, lead the way. Link to comment Share on other sites More sharing options...
andy_1984 Posted January 12, 2011 Share Posted January 12, 2011 lol this topic is full of win :lol: Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.