This topic is now archived and is closed to further replies.

dansino

I even can't login to my admin

Hi guys,

I seem to be having a similar issue. My website is www.flipflap.com.au; there is a guy who always comes back as an administrator, even after I have deleted him lots of times.

I try to sign in to my website/admin, which has been changed to another name, "blaxland", and a strange window pops up, "Authorization Required", asking me to put in a user name and password, but it will not allow me to sign in.

I emptied the administrator table, but it is not working; some window comes up.

Help!

Thanks a lot. :angry:

Dansino


The pop-up window is because there is a password set on that directory in your hosting control package.

If you can't find it, ask your host's help desk where it is and how to use it.

Cheers

G


Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.


Hi Geoff,

I know my password; I put in the right password and it just does not get through.

Thanks!

Dansino


If it is the directory password that is not accepted, change the password to something very simple and try again, or even remove it and add a new user and password.

If it is the user and password to your shop admin, there are other ways round that, but please be very specific with your description.

HTH

G


I need to go to my admin to deal with orders, www.flipflap.com.au/blaxland.

Before, I had a normal administrator login page (not a pop-up window), but now it has been changed to a strange pop-up window, "Authorization Required", which I think is a fraud.

I emptied the administrator table in phpMyAdmin, then went to my admin login, but the pop-up window is still there.

What should I do?

Thanks!

Dansino


The pop-up window is because there is a password set on that directory in your hosting control package.

If you can't find it, ask your host's help desk where it is and how to use it.



Do you have FTP access to your website? If so, have a look for a file in your admin folder called .htaccess. If there is one there, download it and open it in a text editor like Notepad.

Look for code similar to below:

AuthName "Admin"
AuthUserFile "/home/yourusername/.htpasswds/public_html/yourwebaddress.com/admin/passwd"
AuthType Basic
require valid-user

 

If something similar to that code exists, then comment it out like this:

# AuthName "Admin"
# AuthUserFile "/home/yourusername/.htpasswds/public_html/yourwebaddress.com/admin/passwd"
# AuthType Basic
# require valid-user

 

...and reload it back to your website's admin folder, overwriting the one that is there.

That should give you access to your admin area again.

If there is no file of that name in the admin folder, then look for an occurrence of .htaccess in higher-up folders like the main public folder, or even above that in the user (/home/yourusername) folder. Download that file, open it in Notepad and comment out those lines, then reload it back to the place you downloaded it from.

But most likely an .htaccess has been placed in your admin folder.

Once you have dealt with that problem, you then need to deal with how someone was able to install htaccess on your website. So if all goes well, the first order of the day is to secure your website by following the extensive array of instructions that have been placed in almost every thread discussion in this forum.


- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX
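
The .htaccess check described in the post above, as an added example that is not part of the original thread: a Python script that walks a local copy of the site (for instance an FTP download) and lists every .htaccess whose uncommented directives enforce a login, including files in folders other than admin. The `admin` and `catalog` folder names and the file contents in `build_sample` are constructed for the demonstration.

```python
import tempfile
import time
from pathlib import Path

# Directives that switch on Apache password protection for a directory.
AUTH_DIRECTIVES = ("authtype", "authname", "authuserfile", "require")

def parse_htaccess(text):
    """Return the active (uncommented) auth directives as {name: value}."""
    found = {}
    for raw in text.splitlines():
        parts = raw.split(None, 1)
        if not parts or parts[0].startswith("#"):  # blank or commented out
            continue
        name = parts[0].lower()  # Apache directive names are case-insensitive
        if name in AUTH_DIRECTIVES:
            found[name] = parts[1].strip().strip('"') if len(parts) > 1 else ""
    return found

def audit(root):
    """List every .htaccess under root whose active rules demand a login."""
    findings = []
    for path in sorted(p for p in Path(root).rglob(".htaccess") if p.is_file()):
        auth = parse_htaccess(path.read_text(encoding="utf-8", errors="replace"))
        if "authtype" in auth and "require" in auth:
            findings.append({
                "dir": path.parent.relative_to(root).as_posix(),
                "realm": auth.get("authname", ""),
                "userfile": auth.get("authuserfile", ""),
                "modified": time.ctime(path.stat().st_mtime),
            })
    return findings

def build_sample(root):
    """Constructed sample: admin/ is locked, catalog/ has the rules commented out."""
    active = ('AuthName "Admin"\nAuthUserFile "/home/yourusername/.htpasswds/public_html/'
              'yourwebaddress.com/admin/passwd"\nAuthType Basic\nrequire valid-user\n')
    disabled = "".join("# " + ln + "\n" for ln in active.splitlines())
    for sub, body in (("admin", active), ("catalog", disabled)):
        Path(root, sub).mkdir()
        Path(root, sub, ".htaccess").write_text(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(audit(tmp))
```

Point `audit()` at the downloaded site root; any protected directory you did not set up yourself is a change to investigate. The modification time is only meaningful if the transfer preserved timestamps.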


I am not sure it matters at this juncture. You need access to your admin area; if you did not set the htaccess then someone else has done so. To get access you probably need to follow the instructions above, or, if you have control panel access, have a look in there for a folder protection section of your control panel and see if the admin folder has been locked via that.

To be honest though, if you have an older version of oscommerce you really should update it to the latest one at the very least, because the chances someone has hacked your site are high just because it is an older version of oscommerce.



Thanks Taipo,

I uploaded a previous .htaccess file and exchanged the file under the admin folder; now I can get back to my admin. :)

But after entering the admin, I found that there is a new app called "credit card" under my Configuration menu, which apparently someone else added to my website. :angry:

Now I really think maybe I should go to the new version of oscommerce.

Thanks!

Dansino


Definitely upgrade to 2.3.1 if you can. Also you will need to follow a lot of the other instructions that are pasted around these forums for cleaning up hacked websites, including making sure there are no other malicious files added to your folders and code appended to file headers.



I will do that.

Is upgrading OK? What I mean is that I may not be able to find more malicious files in my folder.

Any suggestions on which clean-up instructions I should follow? :)

Thanks!

Dansino

http://forums.oscommerce.com/topic/371393-indexphp-replaced/ is probably a good start if you were just going to clean up the current site, but if you are starting again with 2.3.1 then at least follow the instructions by DunWeb, in particular 5, 6, 7 and 9.


It sounds like SSL support has been turned on and the web server is asking for a user id and password to access the directory. This can be done by putting a .htaccess file into the directory or by changing the server configuration and can apply to any part of your web site. It is normally done to the admin area when you are hardening it up in preparation for going live.

Look at the URL; if it starts with https (notice the "s" on the end), then this is at the web server level and is not due to osCommerce (osc). The user id and password at this level can and should be different from what you have entered into osc. If you enter what you think is correct and it doesn't accept it, then you were wrong and you need to contact your hosting service and get it corrected. This shouldn't have appeared out of nowhere; if the hosting service did it without telling you then you're OK. If they didn't do it then your site may have been cracked. I doubt the cracked scenario, since if someone had broken in they would probably have covered their tracks a bit better by making their changes as unnoticeable as possible.

Good Luck


OK, I don't know how I missed the other comments before posting mine but it looks like others have gotten you further along than I would have. Sorry for the confusion.
