Jump to content

v3.18 security question


Recommended Posts

Does anybody know if there's any security loopholes with 3.18.

I've been hacked twice and a script (different one each time) put in ALL my index.php files and index and default htm/html files.

My host provider says it's probably a php script vulnerability but that's not an area I know anything about.

The one thing recognisable on the server is that there was a directory called gmav created that nobody at tech support seems to know anything about.

This directory is not present on my other sites server and I've not had any hacking problems on there (fingers crossed).

Any help would be really appreciated and, of course, valuable info for others.



Link to comment
Share on other sites

Nothing as far as know. What about other scripts installed on the server?

Thanks, gives me confidence it's not cubecart. There's nothing on there except some htm pages and the host provided stats progs. The only other possibility i can think of is someone managed to hack my ftp password and put these weird gmav directories in that automatically chnage all the index files. I've had the provider nuke the site and re-upped everything, changed all the passwords etc. so hopefully this will be the end of it.

Link to comment
Share on other sites

Guest fandango

Its always a good idea to change your ftp / admin / email passwords regularly anyway and to have a back up copy of the site directories and database.

You can do this easily via Cpanel if you have access to that or your hosting company can do this for you if you ask them.

I recently had all of my sites hacked by a virus on my machine that infiltrated my ftp programme and placed an unescape script on all the pages, what a nightmare it was putting them all right, so now i change passwords and create back ups on a weekly basis.

Also it is essential to have a decent up to date antivirus software installed on your machine.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...