Guest repustech Posted July 9, 2004 Share Posted July 9, 2004 Hey All, I just wanted to pick your brains. Just today I went to my store and somehow the file with "database name, password, and user name" was not correct and the store was down. I didn't get a chance to see the hacked file as I accidentally uploaded the correct file over the top of it without looking. Has anyone ever heard of a CubeCart store being hacked into? Thanks... Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted July 9, 2004 Share Posted July 9, 2004 It is highly likely there are security flaws in CubeCart as any script. To date I have never heard of it being hacked although I am sure it is not too difficult for an experienced person to do. Quote Link to comment Share on other sites More sharing options...
Guest Posted July 10, 2004 Share Posted July 10, 2004 When were talking hack what could they do. Wouldn't have have to first have access to your db or know some password? Quote Link to comment Share on other sites More sharing options...
Don't Ask Posted July 10, 2004 Share Posted July 10, 2004 This seems to be security problem with server not with Cube Cart, as config file can be edited if only some one has access to it. So better check your server raw access log and see if this file has been touched by some one using ftp or ssh etc. Quote Link to comment Share on other sites More sharing options...
Guest repustech Posted July 11, 2004 Share Posted July 11, 2004 thanx for the replies. I tried looking at my raw access logs and it only allows me to look at the current days log. Is there a way to look at previous days logs? I am using Cpanel. Thanx for the help, Quote Link to comment Share on other sites More sharing options...
Don't Ask Posted July 11, 2004 Share Posted July 11, 2004 Well my cPanel shows logs of last three days, then there is a provision using "Raw Log Manager" to "Archive Logs in your home directory at the end of each month", so for future you should enable this option. As in current situation where you don't have previous logs, I will try to discuss with my SysAdmins how to get them back. Meanwhile you my try the same within your organization, I mean discuss this problem with your Host or SysAdmins. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.