Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

My site was hacked


charlesc@edandweb.co.il

Recommended Posts

I my name is Charles,

 

My new client has a new oscommerce site:

http://www.all-playbacks.co.il/

 

It was hacked 3 times, and i am new on oscommerce, i start to read topics on security problem and i did this:

  • i change the name of admin directory
  • i add an .htaccess for the new directory
  • i remove in the admin directory the filemanager
  • i install crawltrack and crawl protect
  • i change 2 parts of the code in the admin includes/applcationTop.php
  • And i change all the passwords

For the moment i have 1 problem, when i go to the index no problem but if i go to:

 

http://www.all-playbacks.co.il/catalog/

 

The page display the php code.

 

My oscommerce version is:

osCommerce Online Merchant v2.2 RC1

 

 

Please help me to resolve it.

 

Thank you

Link to comment
Share on other sites

You are probably missing <?php on the first line of the file.

 

HTH

 

G

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

My guess is that you have left an html file in your catalog directory that has the contents of index.php in it.

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Link to comment
Share on other sites

HTH = Hope That Helps

 

Sorry should have thought as the web url was .il

 

Cheers

 

G

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...