risela Posted February 18, 2011 Share Posted February 18, 2011 I have been getting php files injected into my images folder and through looking at who has visited my site the hackers always go to my admin/catagories and i cannot get an IP address on them so i am wondering if anyone would be willing to tell me what a backdoor looks like and/ or what to look for in the code. The catagories.pho file is really long tp post. Any help is greatly appreciated. Link to comment Share on other sites More sharing options...
Guest Posted February 19, 2011 Share Posted February 19, 2011 Rosa, categories.php is not considered a security risk. However, in combination with other files located in admin, it can become an access point. Usually attempted access URL's would appear something like this: /admin/categories.php/login.php?cPath=&action=new_product_preview //catalog/admin/administrators.php/login.php?action=insert If your website is properly secured then these access attempts are of no concern. However, if you have not secured your site they may allow hackers to access your site. Read the security forum on how to secure your admin area. Chris Link to comment Share on other sites More sharing options...
risela Posted February 19, 2011 Author Share Posted February 19, 2011 Thanks Chris I have secured my site through the '5 must have' installed, but there are still files showing up in my images folder. I will look to see if i can see what url is being accessed. What would a back door look like? I am a novice regarding code so i have no idea what to look for. Thanks so much. From what i can see they are using this: http://blackroseminerals.com/admin/categories.php/login.php?cPath=&action=new_product_preview If i click the link in get this on the page i don't know what it means. Warning: reset() [function.reset]: Passed variable is not an array or object in /home2/blackrp4/public_html/admin/includes/classes/object_info.php on line 17 Warning: Variable passed to each() is not an array or object in /home2/blackrp4/public_html/admin/includes/classes/object_info.php on line 18 Link to comment Share on other sites More sharing options...
Guest Posted February 19, 2011 Share Posted February 19, 2011 Rosa, Have you also applied the security patches found here ? Admin Security Have you renamed your admin directory ? Chris Link to comment Share on other sites More sharing options...
risela Posted February 19, 2011 Author Share Posted February 19, 2011 good call no i haven't i will do it now. Thanks Chris! Link to comment Share on other sites More sharing options...
♥geoffreywalton Posted February 20, 2011 Share Posted February 20, 2011 Don't forget to remove file_manager.php and I think it is define_languages.php. HTH G Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.