Jump to content

Site Hacked


roban

Recommended Posts

My site was hacked today. Not because of Cube Cart but because of some third party script running on my site. I have Twatch and PHPCounter running on the site and I am considering losing them both.

This is what the hack did:

It dropped seeveral files into my includes folder and deleted sslSwitch.inc.php.

I have since deleted all unecessary files from my site and have gone through each and every folder looking for files that don't belong there, comparing each folder with the default installation directories. I have found several that mimick normal CC files such as one clever one called sessionstart.inc.php when it should be sessionStart.inc.php.

The point of all this is that nobody is immune especially if you install third party scripts. Most are legit but can be hacked as well. Go back to your third party script sites and see if there has been any reported hacks on their files and if they have updated.

Keep a close watch on your site and if you see something that doesn't belong there...delete it!

Link to comment
Share on other sites

Guest Brivtech

Whenever we upload anything to a web-site, we keep a copy on hard drive. If a site is ever attacked, we can immediately delete all the non-data files, and restore the originals straight away. A site can be up and running within 30 mins of a major attack.

Of course, this doesn't address the security vunerabilities, but at least, it gets the site live again while an investigation can be made.

Again, if any changes are made, they are done on the hard drive, then uploaded. This helps to avoid dangerous files from being integrated into working system. Something that a backup from the web-server doesn't quite address in the same way.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...