Website Technology Issues Forum

    
Hackers uploading files - Help needed.
MrFewkes
msg:4281851
11:49 am on Mar 15, 2011 (gmt 0)

Hi,

One of the hacks I've had to deal with under osCommerce is where files (.php scripts) are being uploaded to a directory on my server and then executed at a later date.

Making the directory 755 helps here - but I was wondering how to stop the hackers uploading the files in the first place.

My host says this.

*****
Generally a site which is compromised will be via POST commands and usually is unpatched 3rd party apps like osCommerce etc.
*****

Now this is ok as it gives me something to look at - my host then says the following...

******
In terms of the way they have accessed the site it could be one of the following:

IP ADDRESS REMOVED - - "POST /catalog/admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 200 14679 "-" "libwww-perl/5.803"
******

Can anyone advise me what this means? How it results in them "accessing" my site - and how it results in them being able to upload files?

Thanks in advance
Fewkes
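
The log line the host quoted is in Apache's "combined" access-log format, and the three things that stand out in it can be checked mechanically. The script below is an added example, not code from the original post or from osCommerce: it parses combined-format lines and flags POST requests into the admin directory, a second ".php" script name appended to a ".php" script via path info (the shape of ".../categories.php/login.php"), and automation user agents such as libwww-perl, and it notes when such a request returned a 2xx status. The admin path prefixes, the user-agent list and the sample log lines (RFC 5737 documentation addresses plus the host's own line) are assumptions or constructed values to adjust for your own install.

```python
"""Scan Apache-style access-log lines for the request pattern shown in the thread.

Added example, not from the original post: it flags POST requests into the
osCommerce admin directory, a second script name appended to a .php script via
path info (as in ".../categories.php/login.php"), and scripted user agents such
as libwww-perl. Path prefixes and user-agent names are assumptions to adjust.
"""
import re
from dataclasses import dataclass
from typing import Optional

# "combined" log format; the ident field is assumed to be "-" and the
# timestamp is optional because the host's quoted line had it stripped.
LOG_RE = re.compile(
    r'^(?P<client>.+?) - (?P<user>\S+) '
    r'(?:\[(?P<time>[^\]]+)\] )?'
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"\s*$'
)

# Assumed admin locations: the thread's log line lives under /catalog/admin/.
ADMIN_PREFIXES = ("/catalog/admin/", "/admin/")
# Assumed list of automation user agents; libwww-perl is the one in the thread.
SCRIPTED_UA = ("libwww-perl",)
# A second ".php" script name following a ".php" script, i.e. passed as PATH_INFO;
# ordinary browsing of the shop never produces this shape of URL.
PATH_INFO_RE = re.compile(r"\.php/[^?\s]*\.php", re.IGNORECASE)


@dataclass
class Finding:
    client: str
    method: str
    path: str
    status: int
    reasons: list

    @property
    def score(self) -> int:
        return len(self.reasons)


def parse(line: str) -> Optional[dict]:
    """Return the named fields of one log line, or None if it is not combined format."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def analyse(line: str) -> Optional[Finding]:
    """Apply the rules to one line; return a Finding when any rule fires."""
    rec = parse(line)
    if rec is None:
        return None
    path = rec["target"].split("?", 1)[0]       # drop the query string
    reasons = []
    if rec["method"] == "POST" and path.startswith(ADMIN_PREFIXES):
        reasons.append("POST to admin area")
    if PATH_INFO_RE.search(path):
        reasons.append("script name appended as PATH_INFO")
    if any(rec["ua"].lower().startswith(tag) for tag in SCRIPTED_UA):
        reasons.append(f"scripted user agent: {rec['ua']}")
    if reasons and rec["status"].startswith("2"):
        reasons.append("request succeeded (2xx)")   # the server served it, not rejected it
    if not reasons:
        return None
    return Finding(rec["client"], rec["method"], path, int(rec["status"]), reasons)


def scan(lines) -> list:
    """Return findings for every line that triggered at least one rule, highest score first."""
    found = [f for f in (analyse(line) for line in lines) if f]
    return sorted(found, key=lambda f: f.score, reverse=True)


# Constructed sample log: RFC 5737 documentation addresses, a legitimate admin
# edit from a browser, and the host's own line from the thread (IP already removed).
SAMPLE_LOG = [
    '198.51.100.7 - - [15/Mar/2011:09:02:11 +0000] "GET /catalog/index.php HTTP/1.1" 200 8123 '
    '"-" "Mozilla/5.0 (Windows NT 6.1) Firefox/3.6"',
    '203.0.113.9 - - [15/Mar/2011:09:05:40 +0000] '
    '"POST /catalog/admin/categories.php?cPath=22&action=insert_category HTTP/1.1" 302 0 '
    '"http://shop.example.com/catalog/admin/categories.php?cPath=22" "Mozilla/5.0 (Windows NT 6.1) Firefox/3.6"',
    'IP ADDRESS REMOVED - - "POST /catalog/admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" '
    '200 14679 "-" "libwww-perl/5.803"',
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f.score} {f.client} {f.method} {f.path} {f.status}: {'; '.join(f.reasons)}")
```

Run it as `python scan_access_log.py`, or feed a real log with `scan(open("access_log"))`. A legitimate admin edit from a browser scores 1 (an admin POST is expected when you are editing the catalog yourself), while the host's line scores 4 because every rule fires and the request was served with 200; the score is a triage aid, so review the low-scoring hits too rather than treating 1 as harmless.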

 

lammert
msg:4290517
3:05 am on Apr 1, 2011 (gmt 0)

Hi Fewkes,

Did you already find a solution for your hacking problem? The logfile entry provided by your hosting company suggests that the login.php script has some hole in it which can be misused. The first thing to do is update to the latest version of the application you use and check their security announcements to see if this is a known bug and has been fixed.

enigma1
msg:4302572
4:23 pm on Apr 22, 2011 (gmt 0)

The main way to truly protect the admin folders is to use your host's password-protect directories feature from your cPanel. Make sure you lock it down from there. You cannot protect the osC admin folder from the application level; there are just too many factors.

In fact the login page that was introduced with the RC versions made security very weak, as merchants believe the back end cannot be compromised and do not add the password from the cPanel, which is a grave mistake.
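
What cPanel's "password protect directories" feature does underneath is put HTTP Basic authentication in front of the folder: an .htaccess in the directory that points at an .htpasswd file kept outside the web root. The script below is an added example, not code from the original post, osCommerce or cPanel, that builds those two files for a sample `catalog/admin` tree and verifies a credential against the stored entry the same way the web server does. The directory layout, user name, password and realm text are constructed sample values.

```python
"""Build the HTTP Basic-auth files that cPanel's "password protect directories"
feature puts in front of a folder: an .htaccess plus an .htpasswd.

Added example, not from the original post or osCommerce. The admin directory
path, user name and password are constructed sample values.
"""
import base64
import hashlib
import os
import secrets
import tempfile
from pathlib import Path


def sha_entry(username: str, password: str) -> str:
    """One .htpasswd line in Apache's "{SHA}" scheme: base64(sha1(password))."""
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    return f"{username}:{{SHA}}{base64.b64encode(digest).decode('ascii')}"


def htaccess_text(htpasswd_path, realm: str = "Shop administration") -> str:
    """Directives that make the server demand a valid user for everything in the directory."""
    return (
        "AuthType Basic\n"
        f'AuthName "{realm}"\n'
        f"AuthUserFile {htpasswd_path}\n"
        "Require valid-user\n"
    )


def protect_directory(admin_dir: Path, htpasswd_path: Path, username: str, password: str) -> None:
    """Write .htpasswd outside the web root and .htaccess inside the admin directory."""
    htpasswd_path.write_text(sha_entry(username, password) + "\n")
    os.chmod(htpasswd_path, 0o640)          # owner and web-server group only, never world-readable
    (admin_dir / ".htaccess").write_text(htaccess_text(htpasswd_path))


def check_credentials(htpasswd_path: Path, username: str, password: str) -> bool:
    """Re-derive the {SHA} entry and compare it to the stored lines in constant time."""
    expected = sha_entry(username, password)
    for line in htpasswd_path.read_text().splitlines():
        if secrets.compare_digest(line.strip(), expected):
            return True
    return False


def demo() -> bool:
    """Protect a sample catalog/admin tree in a temporary directory and verify the login."""
    with tempfile.TemporaryDirectory() as tmp:
        webroot = Path(tmp) / "public_html"
        admin_dir = webroot / "catalog" / "admin"
        admin_dir.mkdir(parents=True)
        htpasswd = Path(tmp) / ".htpasswd"           # constructed: sits outside public_html
        protect_directory(admin_dir, htpasswd, "shopadmin", "correct horse battery staple")
        good = check_credentials(htpasswd, "shopadmin", "correct horse battery staple")
        bad = check_credentials(htpasswd, "shopadmin", "guess")
        return good and not bad


if __name__ == "__main__":
    print("protection works:", demo())
```

The `{SHA}` scheme is used here because it is computable from the standard library and every Apache build accepts it; on a host where you control the `htpasswd` tool, its bcrypt option (`htpasswd -B`) is the better choice, and cPanel's own feature takes care of the hashing for you. The point that matters for the thread is structural: once `Require valid-user` applies to `catalog/admin`, a request like the host's POST is answered with 401 by the web server before any osCommerce script runs, which is why the application-level login page cannot substitute for it.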
