Jump to content

Archived

This topic is now archived and is closed to further replies.

JeffSimmons_23266

At wits end on this security

Recommended Posts

I've changed the admin folder name, cleaned files and folders i was advised to and i still keep getting this one error. I replace it with a new index.php, its fine when i go to bed but 7 hours later this error is back...can anyone help. P.S ive installed security pro and ip trap

thanks

jeff

 

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/missscar/public_html/index.php(1) : eval()'d code:37) in /home/missscar/public_html/includes/functions/sessions.php on line 102

 

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/missscar/public_html/index.php(1) : eval()'d code:37) in /home/missscar/public_html/includes/functions/sessions.php on line 102

Share this post


Link to post
Share on other sites

Jeff,

 

It is obvious you have failed to remove the hackers backdoor and anomalous files. You must ensure ALL malicous code and anomalous files have been removed from the website. THEN, secure it.

 

 

 

 

Chris

 

ps. If you are using Wordpress on the same hosting account, you will also need to secure it. Visit the wordpress forums for information on how to secure that.


:|: Was this post helpful ? Click the LIKE THIS button :|:

 

See my Profile to learn more about add ons, templates, support plans and custom coding (click here)

Share this post


Link to post
Share on other sites

Chris is there someway or something to run that will tell me where these are? Ive gone to the index.php and session.php and cant seem to find anything.

 

Thanks

Jeff

 

Jeff,

 

It is obvious you have failed to remove the hackers backdoor and anomalous files. You must ensure ALL malicous code and anomalous files have been removed from the website. THEN, secure it.

 

 

 

 

Chris

 

ps. If you are using Wordpress on the same hosting account, you will also need to secure it. Visit the wordpress forums for information on how to secure that.

Share this post


Link to post
Share on other sites

Jeff,

 

 

Chris is there someway or something to run that will tell me where these are? Ive gone to the index.php and session.php and cant seem to find anything.

 

The ONLY real way to identify and remove malicious code and anomalous files is to download the website to your local machine and use a program like WINGREP to search for common hacker code.(eval, base63, decode)

 

Then, check each file manually for irregular code.

 

 

 

Chris


:|: Was this post helpful ? Click the LIKE THIS button :|:

 

See my Profile to learn more about add ons, templates, support plans and custom coding (click here)

Share this post


Link to post
Share on other sites

I have the same problem.

I have a couple installations of osCom on one server, along with some WordPress installs and PHPBB.

There are multiple .html files (86mb worth) in some weird folders. I also have weird files in the /images folder.

I keep deleting them, but it's getting very annoying.

 

Could someone please link to the WordPress security fix?

Share this post


Link to post
Share on other sites

I have one wordpress blog and 3 oscommerce sites and only one site is being affected. I have installed the plugin bulletproof security and still the same problem

 

 

I have the same problem.

I have a couple installations of osCom on one server, along with some WordPress installs and PHPBB.

There are multiple .html files (86mb worth) in some weird folders. I also have weird files in the /images folder.

I keep deleting them, but it's getting very annoying.

 

Could someone please link to the WordPress security fix?

Share this post


Link to post
Share on other sites
3 oscommerce sites and only one site is being affected. I have installed the plugin bulletproof security and still the same problem

 

Only 1 is being affected ? That only means the hacker has not got around to ripping apart the others yet. Bulletproof security, will do NOTHING to secure your oscommerce websites. I hope you didn't pay money for that.

 

 

Back to basics......download ALL files to your local machine, use WINGREP to locate malicious code and anomalous files on your server. Clean and remove those files as necessary, apply ALL security patches and contributions, upload the clean copy back to your server and then reopen your site. Do this for ALL oscommerce sites on your hosting account. Also, read the Wordpress forum on security to secure that installation as well.

 

 

 

 

Chris


:|: Was this post helpful ? Click the LIKE THIS button :|:

 

See my Profile to learn more about add ons, templates, support plans and custom coding (click here)

Share this post


Link to post
Share on other sites

The bulletproof security is for wordpress and for oscommerce ive installed iptrap and security pro..ive also added all turkey to my control panel IP ban....I did download and run that wingrep and nothing shows

 

 

Only 1 is being affected ? That only means the hacker has not got around to ripping apart the others yet. Bulletproof security, will do NOTHING to secure your oscommerce websites. I hope you didn't pay money for that.

 

 

Back to basics......download ALL files to your local machine, use WINGREP to locate malicious code and anomalous files on your server. Clean and remove those files as necessary, apply ALL security patches and contributions, upload the clean copy back to your server and then reopen your site. Do this for ALL oscommerce sites on your hosting account. Also, read the Wordpress forum on security to secure that installation as well.

 

 

 

 

Chris

Share this post


Link to post
Share on other sites

Jeff,

 

I am out of suggestions for you. Perhaps someone else can offer some input, but honestly without seeing the files on the site, it will be difficult to ascertain the problem.

 

 

Chris


:|: Was this post helpful ? Click the LIKE THIS button :|:

 

See my Profile to learn more about add ons, templates, support plans and custom coding (click here)

Share this post


Link to post
Share on other sites

Chris,

I would be happy to give you any access you would need, I'm not really that versed in codes and all. I just try my best.

Anything you would be willing to do I would really appreciate, maybe I'm not doing something right.

my email is jeff487@yahoo.com if you think you can help by looking at my files

 

Thank You Thank you

Jeff

 

 

 

Jeff,

 

I am out of suggestions for you. Perhaps someone else can offer some input, but honestly without seeing the files on the site, it will be difficult to ascertain the problem.

 

 

Chris

Share this post


Link to post
Share on other sites

Jeff,

 

I have corrected the errors on your site. You still had hacker code in the application_top.php

 

 

 

 

Chris


:|: Was this post helpful ? Click the LIKE THIS button :|:

 

See my Profile to learn more about add ons, templates, support plans and custom coding (click here)

Share this post


Link to post
Share on other sites

×