MrFewkes - 8:23 pm on Mar 3, 2011 (gmt 0)
Digitalv - the detail of my site is as follows.
It is a html front page linking off to 6 or 7 subpages - each of these is hand written and about different aspects of the product.
The html front page - index.html in the root - has 6 products and 6 buy now buttons on it from paypal - for users who wish to buy a single item and want to get on with their purchase fast.
On the index.html page - there is also a large link which says (in a jpg) click here to see our full range. This links to a sub-directory in which sits the OScommerce index.php file - the start of my shopping cart. There are 10 products to choose from and purchase through this section of the website.
The shopping cart is powered by oscommerce with plugins from Cardinal Centinel which interface with my website payments pro account at paypal. For which I pay paypal a monthly fee. (Actually I think the buttons also require that I have a paypal pro account - not sure).
Historically the site started out as a front page html index file (which I wrote with no buy now buttons on it - but purely for the SEO which I could do instead of modifying the shopping cart). Off that index I had a similar link "click here to see our range" etc which linked into the shopping cart - OScommerce.
I added the index buttons as I learned more about the features of paypal which I had available to me.
Filemanager.php is the main security hole in oscommerce and I wouldn't have known this if I had not researched - this is gone - also I have done my best with permissions on files and also cleaned up install files. At one point I read that there were other holes in the Admin side - I deleted almost all admin functions - but at some point re-instated it for the stock and product update modules.
I have done nothing on the DB security beyond the standard minimum which could be a problem but I am not experienced enough. I use phpMyAdmin to poke around and that's all.
I work alone from home and I have no friends who are computer orientated to help me with the site - and certainly no friends who would be prepared to use their card on my site now that I have told them I'm having problems with it.
When I go to the site - and follow the buttons - I am taken to the paypal secure website - and I can see my company name - so from that perspective I fail to see how on earth something can be wrong. What I have had done for me is the same by two mates on different ISPs than me - and they too can see my company name on the paypal pay screen.
My reasoning for suspicion behind all this started with the constant hacking I have described above. Then I read about DNS poison - and knowing nothing about that I am poking round in the dark and thought I would ask here.
One of the hacks was an insert of code into my .htaccess file - which basically said that if the referrer string contained "google" "yahoo" etc etc (a list of about 20 search engines) then the user was redirected to a malicious site.
This led me to believe that "something somewhere" could or must be redirecting my users.
Let me explain - I visit my site from my browser favorites - I very rarely click it from google - no need.
So you can imagine - I was losing sales whilst my .htaccess was holding redirection code in it - and I was looking at one thing - and my users coming in from an SE were seeing a malicious site. My sales had stopped dead - so - I looked into it and found the redirects - this was a solution - I had caught the hackers.
I now find myself in a very very similar situation - my sales have stopped - but my site looks fine, traffic is fine. Don't belittle 1 sale a day - it means a lot to me.
I think you will find your B.S statement the only B.S in this thread.
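A check for the .htaccess injection described in the post above (a redirect that fires only when the referrer names a search engine, so a visit from a bookmark looks normal), as an added example that is not part of the original post or of osCommerce. The function name, the engine list beyond "google" and "yahoo", and the sample file with its host names are assumptions constructed for illustration.

```python
import re

# Engine names to look for; only "google" and "yahoo" come from the post, the rest are assumed.
ENGINES = ("google", "yahoo", "bing", "msn", "aol", "altavista")
COND = re.compile(r"^\s*RewriteCond\s+%\{HTTP_REFERER\}\s+(\S+)", re.I)
RULE = re.compile(r"^\s*RewriteRule\s+\S+\s+(\S+)", re.I)

SAMPLE = """\
# constructed sample, not taken from the affected site
RewriteEngine On
RewriteCond %{HTTP_REFERER} .*google.* [NC,OR]
RewriteCond %{HTTP_REFERER} .*yahoo.* [NC,OR]
RewriteCond %{HTTP_REFERER} .*bing.* [NC]
RewriteRule ^(.*)$ http://redirect-target.invalid/ [R=301,L]
RewriteCond %{HTTP_HOST} ^shop.example$ [NC]
RewriteRule ^(.*)$ http://www.shop.example/$1 [R=301,L]
"""

def find_referer_redirects(text, own_hosts=()):
    """Report RewriteRules that send search-engine referrals to a host that is not ours."""
    findings, pending = [], []  # pending: (line number, engines) for conditions awaiting a rule
    for no, line in enumerate(text.splitlines(), 1):
        m = COND.match(line)
        if m:
            hits = [e for e in ENGINES if e in m.group(1).lower()]
            if hits:
                pending.append((no, hits))
            continue
        m = RULE.match(line)
        if not m:
            continue  # comments, blanks and other lines leave the conditions pending
        host = re.match(r"https?://([^/:]+)", m.group(1), re.I)
        if pending and host and host.group(1).lower() not in own_hosts:
            findings.append({"rule_line": no, "target_host": host.group(1).lower(),
                             "cond_lines": [n for n, _ in pending],
                             "engines": sorted({e for _, h in pending for e in h})})
        pending = []  # a RewriteCond only applies to the next RewriteRule
    return findings

if __name__ == "__main__":
    for finding in find_referer_redirects(SAMPLE):
        print(finding)
```

Run it over every .htaccess under the web root, including the shopping cart sub-directory, and pass the site's own host names in `own_hosts` so legitimate canonical redirects are not reported.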