Jump to content

Archived

This topic is now archived and is closed to further replies.

littleminxwholesale

Website Hacked

Recommended Posts

HI

 

I created my website with the help of a web design team back in 2006 and after months of hard work had a very good return within my first year, some time on I took website off line due to personal circumstances. I made my website back live recently and also sent some emails out to existing customers aswell as new stating that we were back in business so gradually from time to time on the who's online section I would see quite a lot of customers filling there baskets up but for some reason not checking out so this is where I am now starting to feel concerned as to whether the final stage ie checkout is being directed elsewhere. Any advice or help with this will be greatly appreciated as I feel that the site has been hacked and that my sales are being taken. Or also if u can recommend any scan that I can run etc.

Thanks

Share this post


Link to post
Share on other sites

Have you placed any test orders to see if your site is still working? That's a very old version of osCommerce that will not run on modern versions of PHP/MySQL.

 

Regards

Jim


See my profile for a list of my addons and ways to get support.

Share this post


Link to post
Share on other sites

Those could have been legitimate customers who filled up their carts but were stuck at checkout, or they could have been search engine bots. Anyway, you should definitely go in as a customer and try buying something, to see what happens (you should have done this before announcing to the public that you were open for business). It's quite possible that the old, old code you're running (probably 2.2 MS2) no longer works with modern PHP versions. You should strongly consider installing 2.3.3.4 and migrating your old database over.

 

Make a copy of your site under /dev or /test (files AND database) and practice the install and migration: install/configure/test 2.3.3.4, delete sample stock, copy over the existing database, run the SQL updates to migrate it to 2.3.x level, copy over your product images, test all the way through checkout. Now that you have a working 2.3.3.4 system, decide what 2.3.x add-ons you need to install or custom coding that you need done. Once you're happy with your new system, all you will need to do is copy all the files over the old store (which you've backed up) and you're in business. It should continue to use the new database, and the old one (backed up) can be removed.

 

Note that if you were collecting credit card information using the cc.php module, you can no longer use that (it's illegal, as it is not PCI-DSS compliant). You would have to update your payment modules (use a Third Party payment system such as PayPal or the like, for low to moderate volumes). Direct credit card acceptance is now usually quite expensive, due to PCI-DSS security audit requirements, and worthwhile only for high volume stores. You can always switch over later.

Share this post


Link to post
Share on other sites

Lila

 

You should definitely try to place an order yourself and ask a couple offriends to do the same.

 

If you are not going to upgrade then, as you have such an old version, you should check and see if the security patches have been applied. There is a pinned thread at the top of the 2.2 security thread that explains what should have been done.

 

HTH

 

G


Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Share this post


Link to post
Share on other sites

If her team finished work on it in 2006, I would guess that absolutely no patches have been applied for 7 years. It would be far easier to migrate to 2.3.3.4.

Share this post


Link to post
Share on other sites

×