Results 1 to 10 of 10

Thread: Website security

  1. #1
    Diamond Member adrianh's Avatar
    Join Date
    Mar 2010
    Location
    Cape Town
    Posts
    5,548
    Thanks
    377
    Thanked 852 Times in 683 Posts

    Website security

    I run an OsCommerce site which has been hacked twice now. Anybody got advice on securing the site?
    “Why, sometimes I've believed as many as six impossible things before breakfast.”
    ― Lewis Carroll, Alice in Wonderland

  2. #2
    Gold Member twinscythe12332's Avatar
    Join Date
    Jan 2007
    Location
    durban
    Posts
    769
    Thanks
    12
    Thanked 110 Times in 84 Posts
    do you know how they are hacking your site? I'd suggest starting at the OsCommerce site forums to see if there have been any new hacks found.

  3. #3
    Site Caretaker Dave A's Avatar
    Join Date
    May 2006
    Location
    Durban, South Africa
    Posts
    22,066
    Thanks
    3,186
    Thanked 2,587 Times in 2,182 Posts
    Blog Entries
    12
    I see part of their support forum is a security section.

  4. #4
    Full Member Cream's Avatar
    Join Date
    Aug 2010
    Location
    Randburg, Gauteng
    Posts
    89
    Thanks
    15
    Thanked 8 Times in 7 Posts
    Have a look at how-to-secure-your-site This might help.

    What is the address of your website?

  5. #5
    Gold Member Mark Atkinson's Avatar
    Join Date
    Jul 2010
    Location
    Melbourne, Australia
    Posts
    796
    Thanks
    212
    Thanked 150 Times in 117 Posts
    Blog Entries
    12
    Adrian - My Joomla! site has been hacked twice now too. Unfortunately if they are decent enough hackers they're going to get through just about any protection.

    Have they done any serious damage to your site? Our culprits just seem to do things to annoy us - And they succeed.

  6. #6
    Full Member Cream's Avatar
    Join Date
    Aug 2010
    Location
    Randburg, Gauteng
    Posts
    89
    Thanks
    15
    Thanked 8 Times in 7 Posts
    Mark, maybe worth your read for Joomla Security:
    Joomla Security Checklist

  7. #7
    Diamond Member AndyD's Avatar
    Join Date
    Jan 2010
    Location
    Cape Town
    Posts
    4,797
    Thanks
    559
    Thanked 910 Times in 735 Posts
    When you say they hacked your site Adrian, what did they actually do? Was it malicious or passive? Was there a money making angle to it, was there theft?
    _______________________________________________

    _______________________________________________

  8. #8
    Diamond Member adrianh's Avatar
    Join Date
    Mar 2010
    Location
    Cape Town
    Posts
    5,548
    Thanks
    377
    Thanked 852 Times in 683 Posts
    @cream - the url is www.scalecraft.co.za

    They don't destroy the site. They disable the entire site and replace the front page. I think they do it simply to prove that they can.

    I keep a backup of the entire site so when it happens I clear out the rubbish that they add and replace the damaged files.

    They deleted the admin user from the database once and added their own user - I fixed this through PhPMyAdmin via Cpanel.
    Attached Thumbnails Attached Thumbnails Click image for larger version. 

Name:	scalecraft_hacked.jpg 
Views:	123 
Size:	26.0 KB 
ID:	1449  
    Last edited by adrianh; 08-Dec-10 at 07:49 AM.
    “Why, sometimes I've believed as many as six impossible things before breakfast.”
    ― Lewis Carroll, Alice in Wonderland

  9. #9
    Junior Member
    Join Date
    Dec 2010
    Location
    Bloemfontein
    Posts
    12
    Thanks
    0
    Thanked 1 Time in 1 Post
    Quote Originally Posted by adrianh View Post
    @cream - the url is www.scalecraft.co.za

    They don't destroy the site. They disable the entire site and replace the front page. I think they do it simply to prove that they can.

    I keep a backup of the entire site so when it happens I clear out the rubbish that they add and replace the damaged files.

    They deleted the admin user from the database once and added their own user - I fixed this through PhPMyAdmin via Cpanel.
    The best thing to do is as follow

    Generate a lenght password
    Get a SSL Cerificate for your website


    You did not mention what osEcommerce solution your are using

    If you can specify a name I would be able to assist you

  10. #10
    Diamond Member adrianh's Avatar
    Join Date
    Mar 2010
    Location
    Cape Town
    Posts
    5,548
    Thanks
    377
    Thanked 852 Times in 683 Posts
    I run an OsCommerce site which has been hacked twice now. Anybody got advice on securing the site?
    I do: "OsCommerce"
    “Why, sometimes I've believed as many as six impossible things before breakfast.”
    ― Lewis Carroll, Alice in Wonderland

Similar Threads

  1. [Article] Your website is a waste of money!
    By Chatmaster in forum Marketing Forum
    Replies: 37
    Last Post: 28-Nov-10, 03:00 PM
  2. Selling member interest in CC
    By Martinco in forum General Business Forum
    Replies: 8
    Last Post: 19-Oct-10, 09:10 PM
  3. [Article] 3 Reasons Content is King for your website
    By G Robin in forum General Business Forum
    Replies: 21
    Last Post: 10-Sep-10, 12:29 PM
  4. Teams satisfied with security arrangements
    By BBBEE_CompSpec in forum General Chat Forum
    Replies: 0
    Last Post: 08-Dec-09, 10:57 AM

Did you like this article? Share it with your favourite social network.

Did you like this article? Share it with your favourite social network.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •