roban Posted July 18, 2006 Share Posted July 18, 2006 My site was hacked today. Not because of Cube Cart but because of some third party script running on my site. I have Twatch and PHPCounter running on the site and I am considering losing them both. This is what the hack did: It dropped seeveral files into my includes folder and deleted sslSwitch.inc.php. I have since deleted all unecessary files from my site and have gone through each and every folder looking for files that don't belong there, comparing each folder with the default installation directories. I have found several that mimick normal CC files such as one clever one called sessionstart.inc.php when it should be sessionStart.inc.php. The point of all this is that nobody is immune especially if you install third party scripts. Most are legit but can be hacked as well. Go back to your third party script sites and see if there has been any reported hacks on their files and if they have updated. Keep a close watch on your site and if you see something that doesn't belong there...delete it! Quote Link to comment Share on other sites More sharing options...
Guest vrakas Posted July 18, 2006 Share Posted July 18, 2006 Sorry to have heard that If you know or find out for sure that trace watch causes any problem please let us know :( Quote Link to comment Share on other sites More sharing options...
roban Posted July 18, 2006 Author Share Posted July 18, 2006 It's impossible to say Vrakas. I have deleted both from my server and will rely soley on Google Analytics. Quote Link to comment Share on other sites More sharing options...
Guest vrakas Posted July 18, 2006 Share Posted July 18, 2006 Thanks Roban :) Quote Link to comment Share on other sites More sharing options...
Guest Brivtech Posted July 19, 2006 Share Posted July 19, 2006 Whenever we upload anything to a web-site, we keep a copy on hard drive. If a site is ever attacked, we can immediately delete all the non-data files, and restore the originals straight away. A site can be up and running within 30 mins of a major attack. Of course, this doesn't address the security vunerabilities, but at least, it gets the site live again while an investigation can be made. Again, if any changes are made, they are done on the hard drive, then uploaded. This helps to avoid dangerous files from being integrated into working system. Something that a backup from the web-server doesn't quite address in the same way. Quote Link to comment Share on other sites More sharing options...
roban Posted July 19, 2006 Author Share Posted July 19, 2006 Good advice Brivtech and thank God I did that and my fix was immediate. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.