Security Issues

[Guest Brivtech]

Going through my server logs for a customer's website, I noticed a couple of things that seemed a bit out of place...

One of them was a referral from Google using the following keyword phrase:

filetype:sql credit card

Any ideas why someone would be using this and could this cause any security issues with CubeCart?

I also noticed that the Email a friend script was being used a lot since I posted an example site on here. I've disabled that until I make some modifications to only allow registered users to use the facility.

Are there any other potential issues I should know about?

[Guest gwizard]

Kids were looking for sql files that contain the words credit cards.

Nothing for you to worry about :(

[Guest Brenty]

Kids eh! What are they like! :(

[convict]

There are two sort of kids:

1) front-end

2) back-end

Guess who is the bad one :D

[Guest gwizard]

Actually, in my experience from both sides, the really bad ones are the ones you do not see or know about.....until it is too late. :D

[Guest Brivtech]

Actually, in my experience from both sides, the really bad ones are the ones you do not see or know about.....until it is too late.

HEH! Thanks guys, Although I knew I didn't have such files saved into my hosting space, it was a concern nevertheless. Someone ought to give them kids a clip round the ear'ol!

Seems then that apart from a potential misuse by spammers on Tell A Friend, Brooky and the development team have CubeCart pretty well wrapped up security wise then. <_<

[Guest gwizard]

1. Most of the hacks comes not from a badly written software but from a badly configured environment.

2. ALL software has a weak point. Always.