Guest Posted June 27, 2006 Share Posted June 27, 2006 my cc3 was hacked this weekend. They managed to delete my images/uploads folder. The provider says i should update my script, which at the mo ist is, and have folders set no more than 755 and files no more than 644, which coindently was. So how they managed to get in and delete these files i dont know. I'm gonna need to upload the missing files and hopefully wont get hacked again. I dont think other folders or files were deleted. BLOODY HACKERS they are just sreknaw (mirrored backward). :w00t: Quote Link to comment Share on other sites More sharing options...
Guest vrakas Posted June 27, 2006 Share Posted June 27, 2006 Sorry to hear this Perform a search in this forum on how to protect your site. I will look also to find the threads and post them for you Link removed -- reason: outdated information. -- Sir William Quote Link to comment Share on other sites More sharing options...
Guest Posted June 28, 2006 Share Posted June 28, 2006 You need to have your host verify whether the attack/hack came in thru CubeCart or another hole somewhere. I still haven't seen evidence on ANY compromised servers/sites that say it's coming in thru current CubeCart installations. :w00t: Quote Link to comment Share on other sites More sharing options...
craigfh Posted June 28, 2006 Share Posted June 28, 2006 I just got notified by my service provider my site was hacked also. They got into images/File directory. Not sure the damage as I won't be able to check it until I get home. This is the first time I have been hacked. I have nother 5 sites with cubecart and will have to check all of them. Quote Link to comment Share on other sites More sharing options...
Guest Ken Than Posted June 29, 2006 Share Posted June 29, 2006 I just got notified by my service provider my site was hacked also. They got into images/File directory. Not sure the damage as I won't be able to check it until I get home. This is the first time I have been hacked. I have nother 5 sites with cubecart and will have to check all of them. The measure to this problem is that cubecart should set start and close button before and after the file uploading script. Means, to upload file, you have to click START Button, which will chmod images folder to 777 and when finish uploading photos, click CLOSE button, which will set image folder to 644. What do you guy say? Quote Link to comment Share on other sites More sharing options...
Guest Posted July 7, 2006 Share Posted July 7, 2006 Ken, that's a nice idea, but in order to do that, the web server user would have to own that folder. If it was the owner, then it would be able to write to the folder unless the permission was set to 555 -- read/execute ONLY for all users. BUT....if the server user owns it, it can change the permissions at will. So how long you figure it would take the hackers to figure out that they needed to search for folders owned by the server user, change them to 777 and then upload what they want. It's a catch 22. :w00t: Quote Link to comment Share on other sites More sharing options...
Guest Coder68 Posted July 7, 2006 Share Posted July 7, 2006 Sir William, I have two questions then. 1. After I upload the images I need, if I change the folder permissions to 644 or what ever (Im new to Linux.) would that greatly reduce my risk? 2. By owning your own IP and not using a shared IP... does that reduce or eliminate your risk from other websites that are not up to date? Thanks! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.