Loaded Commerce Community

Banner

View unanswered posts | View active topics


Board index » Loaded Commerce Support » Security Issues

All times are UTC - 5 hours




Post new topic Reply to topic  Page 1 of 1
  [ 3 posts ] 
  Previous topic | Next topic 
Author Message
gege123
 Post subject: Malicious redirection
PostPosted: Wed Aug 17, 2011 3:48 am 
Offline
CRE Newbie

Joined: Wed Aug 17, 2011 3:42 am
Posts: 1
Hi everybody, since several days, we have a big problem with certain websites. Our version of Oscommerce is : CRE Loaded6 v4 Fr Sp1.2 RC2. The website, himself, don't reveal any problems but when we put http://my.website/whatsoever in the address bar, the website is automatically redirect to companyupdate.ru, we suppose that's a hacker website. We have already established a software in the websites to protect against Sql injection, XSS injection ... and we have clean .htaccess. We've also made several searches about malicious scripts in base 64 or others in the files but with not success. We've taken notes about the security methods of Oscommerce, we changed the name of admin directory and created a .htaccess to protect the directory.
Do you have an idea of ​​which could be the cause of this problem?
Top
 Profile  
 
soundzgood2
 Post subject: Re: Malicious redirection
PostPosted: Fri Aug 19, 2011 1:04 pm 
Offline
CRE Legend
User avatar

Joined: Thu Jun 12, 2008 6:39 am
Posts: 2405
Location: New Zealand
Cause of problem = hacked = using a very old version of the cart (CRE Loaded6 v4 Fr Sp1.2 RC2 ????!!!!)
Solution = shift hosting companies, upgrade.

Simon

_________________
www.codemehappy.com
For Cre Loaded tips, how-to articles and more

Top
 Profile  
 
Nimitz1061
 Post subject: Re: Malicious redirection
PostPosted: Wed Mar 21, 2012 12:27 pm 
Offline
CRE Legend

Joined: Sun Nov 09, 2003 1:00 am
Posts: 7301
Location: Baconton, GA USA
Agreed - a check on PHP_SELF or PHPSELF may also be helpful in helping prevent penetrations in any CRE Loaded site older than 6.4.1

David

_________________
My CRE Loaded FAQ List
CRE Loaded Hosting

Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 3 posts ] 

Board index » Loaded Commerce Support » Security Issues

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 1 guest

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
It is currently Thu May 24, 2012 9:00 am
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group

Main Menu

Login

Forums Latest Activity

Top Listing

1. Cart2Cart - Shopping...
    Category: Shopping Cart Database Conversion Scripts
    
2. Points & Rewards PLUS!...
    Category: Add-Ons
    
3. Configuration Server...
    Category: Fixes
    
4. Credit Card with CCV
    Category: Payment Modules
    
5. CC7333_ATS
    Category: Templates
    
Show more...

© CRE Loaded is a product of Chain Reaction Ecommerce, Inc. Usage & Privacy Policy