
Website Technology Issues Forum

Hackers uploading files - Help needed.

Msg#: 4281849 posted 11:49 am on Mar 15, 2011 (gmt 0)


One of the hacks I've had to deal with under osCommerce is where files (.php scripts) are being uploaded to a directory on my server and then executed at a later date.

Making the directory 755 helps here - but I was wondering how to stop the hackers uploading the files in the first place.

My host says this.

Generally a site which is compromised will be via POST commands and usually is unpatched 3rd party apps like oscommerce etc *******

Now this is ok as it gives me something to look at - my host then says the following ....

In terms of the way they have accessed the site it could be one of the following:

IP ADDRESS REMOVED - - "POST /catalog/admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 200 14679 "-" "libwww-perl/5.803"

Can anyone advise me what this means? How it results in them "accessing" my site - and how it results in them being able to upload files?

Thanks in advance



lammert, WebmasterWorld Senior Member

Msg#: 4281849 posted 3:05 am on Apr 1, 2011 (gmt 0)

Hi Fewkes,

Did you already find a solution for your hacking problem? The logfile entry provided by your hosting company suggests that the login.php script has some hole in it which can be misused. The first thing to do is update to the latest version of the application you use and check their security announcements to see whether this is a known bug and has been fixed.


WebmasterWorld Senior Member 5+ Year Member

Msg#: 4281849 posted 4:23 pm on Apr 22, 2011 (gmt 0)

The main way to truly protect the admin folders is to use your host's password-protected directories from your cPanel. Make sure you lock it down from there. You cannot protect the osC admin folder from the application level; there are just too many factors.

In fact, the login page that was introduced with the RC versions made security very weak, as merchants believe the back end cannot be compromised and do not add the password from the cPanel, which is a grave mistake.
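
An added example, not part of the original thread: a Python scan of an Apache-style access log for requests shaped like the one the host quoted, that is, a script under /admin/ with a further path segment appended and a scripted user agent. The sample lines, the documentation-range IP addresses and the list of scripted agents are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Quoted request, status, size and (optional) referer / user agent of an
# Apache-style access log line; any leading host and timestamp are ignored.
LINE_RE = re.compile(
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3}) \S+'
    r'(?: "[^"]*" "(?P<agent>[^"]*)")?'
)
# A .php script directly under an admin directory with more path after it,
# the shape of /catalog/admin/categories.php/login.php in the thread.
TRAILING_PATH_RE = re.compile(r"/admin/[^/]+\.php/.+", re.IGNORECASE)
# Assumption: library user agents never drive this shop's admin pages.
SCRIPTED_AGENTS = ("libwww-perl", "curl", "wget", "python-requests")

def check_line(line):
    """Return (method, path, status, reasons), or None if nothing to report."""
    m = LINE_RE.search(line)
    if not m:
        return None
    path = urlsplit(m["target"]).path  # drop the query string
    reasons = []
    if TRAILING_PATH_RE.search(path):
        reasons.append("extra path after admin script")
    agent = (m["agent"] or "").lower()
    if "/admin/" in path.lower() and agent.startswith(SCRIPTED_AGENTS):
        reasons.append("scripted client on admin path")
    if not reasons:
        return None
    return m["method"], path, int(m["status"]), reasons

def scan(lines):
    """Return [(line_number, finding)] for every flagged line, 1-based."""
    hits = []
    for number, line in enumerate(lines, start=1):
        finding = check_line(line)
        if finding:
            hits.append((number, finding))
    return hits

# Constructed sample: two ordinary requests, then the request from the thread.
SAMPLE = [
    '198.51.100.4 - - [15/Mar/2011:10:02:11 +0000] "GET /catalog/index.php?cPath=3 HTTP/1.1" 200 8123 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [15/Mar/2011:10:05:40 +0000] "POST /catalog/admin/login.php HTTP/1.1" 302 - "-" "Mozilla/5.0"',
    '203.0.113.7 - - "POST /catalog/admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 200 14679 "-" "libwww-perl/5.803"',
]

if __name__ == "__main__":
    for number, (method, path, status, reasons) in scan(SAMPLE):
        print(f"line {number}: {method} {path} -> {status}: {', '.join(reasons)}")
```

Run against the real access log, each hit gives a timestamp to compare with the modification times of the uploaded .php files.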

WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved