[email protected] Posted January 5, 2012 Share Posted January 5, 2012 I my name is Charles, My new client has a new oscommerce site: http://www.all-playbacks.co.il/ It was hacked 3 times, and i am new on oscommerce, i start to read topics on security problem and i did this: i change the name of admin directory i add an .htaccess for the new directory i remove in the admin directory the filemanager i install crawltrack and crawl protect i change 2 parts of the code in the admin includes/applcationTop.php And i change all the passwords For the moment i have 1 problem, when i go to the index no problem but if i go to: http://www.all-playbacks.co.il/catalog/ The page display the php code. My oscommerce version is: osCommerce Online Merchant v2.2 RC1 Please help me to resolve it. Thank you Link to comment Share on other sites More sharing options...
♥geoffreywalton Posted January 5, 2012 Share Posted January 5, 2012 You are probably missing <?php on the first line of the file. HTH G Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>. Link to comment Share on other sites More sharing options...
[email protected] Posted January 5, 2012 Author Share Posted January 5, 2012 No i check it, and the file is correct. May be another file ? What id HTH ? Thank you Link to comment Share on other sites More sharing options...
Taipo Posted January 5, 2012 Share Posted January 5, 2012 My guess is that you have left an html file in your catalog directory that has the contents of index.php in it. - Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)- Another discussion about infected files ::here::- A discussion on file permissions ::here::- Site hacked? Should you upgrade or not, some thoughts ::here::- Fix the admin login bypass exploit here- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX Link to comment Share on other sites More sharing options...
[email protected] Posted January 5, 2012 Author Share Posted January 5, 2012 You're so good. Thank you very much, i was lost. If you have any remarks on the site for add more security, you're welcome. Link to comment Share on other sites More sharing options...
♥geoffreywalton Posted January 5, 2012 Share Posted January 5, 2012 HTH = Hope That Helps Sorry should have thought as the web url was .il Cheers G Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.