disco_ii_disco Posted January 12, 2006 Share Posted January 12, 2006 Hi all. My site was hacked yesterday. Probably a good thing as I will now be aware that it is important to update with patches etc and restore permissions after editing files. I have restored most of the site to how it used to be but the shopping cart is now not working. www.caravanaccessoryshop.co.uk If anyone could help me out I would be grateful. Cheers, Chris Quote Link to comment Share on other sites More sharing options...
Guest Posted January 12, 2006 Share Posted January 12, 2006 You have a javascript error when you click the add to basket button try upgrading your store to 3.0.7pl1 as well as ur still on 3.0.6 Quote Link to comment Share on other sites More sharing options...
disco_ii_disco Posted January 12, 2006 Author Share Posted January 12, 2006 Cheers evilhomer. Just spotted that the javascript folder had not been uploaded! Hopefully that will fix it. What other security measures should I take to make sure I don't get hacked again. I have updated the admin/filemanager/upload.php file already and changed permissions on some files. Can anyone provide a list of the correct file permissions for the files that are changed at installation stage. Cheers. Quote Link to comment Share on other sites More sharing options...
Guest Posted January 12, 2006 Share Posted January 12, 2006 The javascript folder will defo solve your problem as its calling that to add to basket but you really need to upgrade the store still to 3.0.7pl1 Quote Link to comment Share on other sites More sharing options...
Guest intro2 Posted January 13, 2006 Share Posted January 13, 2006 Sorry to hear you've been hacked Chris, I had the same thing happen to me a few days ago. You should also check the includes folder on your server for malicious files (some can be hundreds of MBs in size) and folders that have been put there by the hacker. My own includes folder was full of bad stuff. You should have your ftp program set to show hidden files on your server or you may not be able to see them all. It might also be a good idea to check your server logs to see what the bad guys have been up to. My own logs show that I was hit only for one day before I noticed the problem. My email logs show a massive increase for that day and I'm still sorting through the rest of my 40GB's worth of websites on my server looking for any other changes that might've happened. I've been using CC for a couple of years now and I can't remember there ever being an actual 'Stable' release of the program. This latest hack has hammered the final nail in the CC coffin for me. I'm going back to OSCommerce or even Multishop. At least with them, you know to expect some issues, but at least they're on the ball when it comes to security. Here's something else you should look at.. http://bugs.cubecart.com/?do=details&id=457 it was written on the 5th Jan. I wish you the best of luck with Cubecart and their fast-responding support. Mick Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.