Jump to content

Archived

This topic is now archived and is closed to further replies.

DonStone

Change DB Password

Recommended Posts

I have a hacked oscommerce installation where someone is changing the destination account for IPN purchases.  I believe that they are hacking into the DB and adding an administrator in order to have access to the IPN module.  The user name is 524232 with no visible password.

 

Therefore, I believe that I need to change the database password.  I have searched the interenet and found several places which say something like: "You can change the password which oscomnmerce uses to access the database by editing includes/configure.php and admin/includes/configure.php"

 

Several times I carefully made the change as instructed checking to make sure of the change.  The result was the following error message: "Unable to connect to database server!" I received this message when trying to open the catalog program, accessing administration, or trying to log into the database.

 

It seems that something is preventing use of the new password.  Or, is there something else that I need to do?  Is it feasible that a hack is getting in the way?

 

Thank you for any help in resolving this problem.

Don

Share this post


Link to post
Share on other sites

You also need to change the password for the database user in MySQL. Use your host's control panel to make this change. Ask your host if you can't figure out how to do that.

 

Regards

Jim


See my profile for a list of my addons and ways to get support.

Share this post


Link to post
Share on other sites

You also need to change the password for the database user in MySQL. Use your host's control panel to make this change. Ask your host if you can't figure out how to do that.

 

Regards

Jim

Jim--

Thank you so very much; it is appreciated.

I wish those many other posts would have also mentioned the need of changing the host's control panel. :)

Best regards,

Don

Share this post


Link to post
Share on other sites

@@DonStone

 

If your site has been hacked then merly changing the DB password will not solve the issue, as if the hackers have access to your files they will be able to see the new password in your configure files......

 

You need to ensure that there is no code on your site that allows the hackers a back door into your site again.

 

I would suggest taking your site offline until this is resolved.


Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members.

Share this post


Link to post
Share on other sites

@@Mort-lemur I've often wondered if there was any issue with the configure files containing the password.  You state

 

"if the hackers have access to your files they will be able to see the new password in your configure files......"

 

so, what permissions should you use for the configure files?  Is 644 acceptable, as that will be readable?

 

my admin directory is pretected by htaccess, so only my IP has access, which I assume is the best protection.

 

Regards

Mike


osC BS gold live - osC CE in development (awesome)

Share this post


Link to post
Share on other sites

@@Mikepo regardless of what password protection you have on your OSC files, if the hackers have managed to gain access at server level, they will be able to see / alter what they wish.

 

My understanding is that the .htaccess protection on your admin will only prevent entry from someone going to www.yoursite.com/youradmin from their browser.

 

For instance if you gave me access to your hosting cpanel I could go in and change what I wanted regardless of your .htaccess or file permissions.

 

What Im trying to say is that if a site has been hacked then it is very likely that the hackers have left themselves a way back in and simply cleaning the (currently) visible symptom may not stop them coming back.

 

as a very minimum change all the passwords for the cpanel, hosting, DB, Admin etc and watch closely for any odd behaviour of your site

 

Installing something like filesafe on a known clean store and running it daily is a good way to watch for files that have been changed.

 

Disclaimer: Im not an expert on this - just stuff I have picked up over the years.


Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members.

Share this post


Link to post
Share on other sites

You should also compare your site files to a known good previous version using something like BeyonCompare.  Obviously, this statement also means you should be saving versions of your site like with Cpanel backup.  

 

One question I have is are you sure the server you are on isn't comprimised?  You see that often enough on Cpanel forums.

 

As for file permissions your config should be at 400 and all other php files at 600 assuming your on a server using something like mod_suphp.  Change your config to 400 and if you site doens't work it's too low.  htaccess needs to be at 644 as well as non php files.

 

The more secure the server is like not using ftp but instead sftp etc, the better.  If you get a dedicated server then you can get security tight. 


I'm not really a dog.

Share this post


Link to post
Share on other sites

×