Jump to content

cubecart blank page. hacked?


jdmdecals

Recommended Posts

So, out of nowhere i get a email from a customer saying my site is down.

I go to the website. www.jdmdecals.com and it sends you to the landing page. that works.. the landing page sends you to the store: http://www.jdmdecals.com/index.php

and there is nothing there.

I can access my FTP>

my question is.. Was i hacked?  how do i check? can i repair whatever is crashed?

Any advice would be great. I have NO idea what to do :(
heck, i'll send you some free decals of whatever you want if you guys can help me

get this up-and running again.


just to make things clear, i made no changes to the site over the past month.
this is just out of the blue. Not even error codes :(

Link to comment
Share on other sites

Figures super helpful reply from webhost.... :(
 

WebHostingPad Support
1:24 AM (5 hours ago)
cleardot.gif
 
cleardot.gif
cleardot.gif
to me
cleardot.gif

Hello





  Php version on our servers is Php 5.3 and regarding backup restore its
a paid service and the charge is $24.95. Please login to your client
area and pay for it. Let us know once you have finished the payment so
that we can proceed for the restoration.



Thanks

Mabin



Ticket Details

===================

Ticket ID: OCR-417234

Department: Admin

Priority: default

Status: On Hold

Link to comment
Share on other sites

We can start by using FTP to get these two files: index.php and /includes/global.inc.php, copied to your local computer.

 

In globals.inc.php, you can determine which encoding method CubeCart chose to use when it was installed. The phpinfo screen says both Zend and ionCube are installed. But it would be nice to know which of the two CC515 is using.

 

Use your hosted account's control panel to view the contents of the database. If your orders, customers, and inventory look fine (that is, there are lots of records), then we can try to simply FTP the CC515 package on top of what's already there.

 

You may want to first FTP down the entirety of the site to your local computer so that you can look through it when you have time.

 

And, if you haven't done so already, rename the setup folder.

 

Then we can look at index.php and add some diagnostic code. Compare it to the installation package you may have on your local machine. If you don't have the package, get it from http://www.cubecart.com/download/5.1.5/zip

 

Above this line: global $config_default;

Add: echo CC_ROOT_DIR."="; die("CubeCart ".CC_VERSION);

 

Then FTP that back to the site. If we get something, then the next thing that may be failing is the decoder Zend or ionCube. While phpinfo says it is installed, there may be something about it's configuration that isn't right.

 

Their reply wasn't helpful at all. The question, "What did you upgrade recently, if anything" was not answered. Obviously they upgraded PHP to version 5.3.20, but when? Did they put a blank php.ini file in your site that may be causing trouble?

Link to comment
Share on other sites

ok thank you. I added the echo CC_ROOT_DIR."="; die("CubeCart ".CC_VERSION);.
Refreshed.. and still nothing :(

I sent them another email saying exactly this:
 

"What did you upgrade recently, if anything" was not answered.
Obviously they upgraded PHP to version 5.3.20, but when? Did they put a
blank php.ini file in your site that may be causing trouble?

Right now apparently they are doing a restore of the site. (not sure if that will even help) but going to do that.

THen i guess its time to start tearing into this.


you are super helpful man, seriously. thank you

Link to comment
Share on other sites

Boom. site works now. That question you had me ask i guess made someone think at webhosting pad.

this is the email i got:

 

profile_mask2.png
WebHostingPad Support
11:27 AM (3 minutes ago)
cleardot.gif
 
cleardot.gif
cleardot.gif
to me
cleardot.gif

Hello,



Can you please check this now?



We have placed an open_basedir security restriction with PHP which was
effecting this, we have adjusted this so that it should not effect this
anymore.







Regards,



Christopher G





Ticket Details

===================

Ticket ID: OCR-417234

Department: Admin

Priority: default

Status: On Hold

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...