Printable View
Hi All
is there any way i can remove old threads from the forum.
I have been working on my site for 5 months and it was hacked this morning and they left some nasty virus's.
Unfortunately the only place the URL is available is on this forum so i would like to remove these threads if possible.
It's a shame as the zen cart team and other forum users have been a very helpful in the development of my store
So if anyone knows how to remove my old threads please let me know.
Thanks.
Andy
You really want to upgrade your site if you got hacked ...
Was the hack actually done via Zen Cart code? Or via other code on your site or someone else's site on the same server that you are on?
What version Zen Cart are you running?
If not v1.3.6, have you applied all of the security fixes and patches for your old, out of date, unsecure code?
Hi Ajay
Sorry for the delay (sleep needed)
I have upgraded to v1.3.6.
i was running v 1.3.0.2 and applied the Dr's security fixes.
i contacted my server and they said its not from there end (they would though)
I'm just trying to cover all my bases as the last thing i want is to go live, soon i hope, and a potential customer to get bombarded by virus's and foul language
So i would like to remove any reference to my URL if possible
I would also like to say that I'm not having a dig at Zen cart in any way at all. I have no bad words to say about the software or support provided.
It's the mindless idiots out there have nothing better to do than try to ruin a lot of hard work done by both the person building there site and the team at Zen Cart.
Thanks
Andrew
Sorry to hear about your troubles, Andy, but it's not likely your URL will be removed from this, or any other, Forum. Don't worry too much though. Odds are you've already removed the hacked files and things are back the were they were.
When you say, "My site was hacked.", are you referring to ZenCart, phpBB, or your main site; if not one of the two mentioned? Although hackers can get in through various methods, good security on your part and especially your Hoster, can prevent many bad things from happening.
Hi Rob
Two Files were added to my admin files as index html files.
I think I have them all.
I'm hoping the security fixes in v1.3.6 will help.
It's just devastating to log on to you admin section find you have had 85 hits from fool who just wants to mess with you hard work.
I'm going to go over it again just to make sure that I got all there handy work
Thanks
Andrew
Andrew, if you are using a default install, you can safely delete "everything" in your ZenCart directories. Then you just reupload the files from your computer. That is the quickest and surest way, to get rid of any unwanted files.
If you are using a custom setup (template overrides) you should already have current backups of those files. Reuploading those should put you back to where you where before all this started.
Note: two files you should make sure you have correct backups of are:
includes/configure.php
admin/includes/configure.php
Hi All
Just been looking for how I was hacked.
It seems these people have a liking for Zen cart sites.
spygrup.org/showthread.php?t=9594
There is a list of sites they are messing with.
I have no idea what to do about this and as I seem to be written in Russian I can't make out what there about
If you’re not running a good security system don’t click on any of the links as you’re gonna get bombarded with virus’s
Anyone know what I can do about them?
Thanks
Andrew
Hi Rob
Running custom and Template overrides are backed up. Learnt that lesson the hard way
Good idea I will do that just to be sure
Thanks
Andrew
Good catch. Unfortunately, http://www.zencart.org/images/ seems to be one of them. Would've sent an eMail to a Contact address instead of posting it in this thread, but this site doesn't seem to have any Contact addresses?Quote:
Originally Posted by ellis200200
Hi Rob
So any idea what can be done about them?
Thanks
Andy
For our Clients, I usually setup extra security while still making it easy for using whatever script. This, along with our Server-wide security, makes it hard for bad things, security wise, to happen within their account.
For others, I can only suggest they follow these security steps and speak with their Hoster, about beefing up security for their account. Scripts such as; ZenCart, osCommerce, e107, and many others, require very open settings on the front-end so that ease-of-use is provided within the back-end or Admin section.
Perfect example is an images dir. Almost every type of the previously mentioned scripts require the 'images' dir. to have permissions of 777 -- so that one can use the 'images' dir. from within the Admin section. Currently, it requires using 755 permissions when not using it and changing to 777 when working in the Admin section, for uploading or working with images. Then, when finished, you change permissions back to 755; the default setting and very secure.
Trouble is, most people forget to change permission back to 755 and thus, it is only a matter of time till they remember and change it or some hacker finds it wide open and abuses it.
Thanks Rob
In honesty I have been a little lax with the permissions as the site is not live.
But the hackers don’t seem to be that bothered if it’s live or not
Again thanks for all your help
Andy
Now that zencart.org/images seems to be "hacked into" **edited**, please explain how anyone can upload *anything at all* to any directory with *no* scripts inside no matter what the permissions are??! Answer is: you possibly couldn't, nor can anyone else, because it's not possible. Because apache itself doesn't upload anything by itself at all, a "program" or script(like ZC) is required first to begin with! In other words: ZC is bugged since this is not the first time such "(picture-)vandalism" etc is reported and going on. If it was just for the permission(s) then ZC *itself* could change them(back) when/as required during file-upload or deletion etc ... Anyway, the hole thing really sux now, and I guess the ZC-developers not only ought to address this issue IMMEDIATLY but also owe everyone a better explanation than is currently to find under section 9) (and also 6))of the you-know-what secure-your-cart-"GUIDE", it's *NOT* just permissions that cause something like this thats far-fetched, unsubstantiated or better ... simply bollox ... :mellow: :shocking::cry:Quote:
Originally Posted by Website Rob
ca18, posting a reply to you is mostly a futile effort, as you appear to have a sinister agenda far beyond being genuinely concerned about security or being empathetic to a legitimate issue. Your numerous other negatively-toned posts essentially disqualify the majority of your arguments, as they demonstrate tyranny rather than beneficial to the community at large.
Nevertheless, for the sake of those reading this thread, it's worth pointing out that:
*any* folder that is chmod 777 is vulnerable on a shared-hosting server if *any* *other* account on that server gets hacked via any vulnerability.
For the record, the single hacked index.html file in the images folder of the zencart.org site was completely unrelated to any security vulnerability in Zen Cart. There are a number of ways to prove this if it were necessary, but frankly, it's none of your business. :smartass: