Warning for Zen Cart users

Discussion in 'eCommerce' started by BrassDash, Feb 14, 2010.

  1. #1
    Hey everyone,

    I do not know if this is common with Zen Cart, but a few weeks ago, my site (which utilizes Zen Cart) got hacked through the code. I had a webmaster take a look at it and he said anyone could have done it. The hacker infected only our image files, so we had to completely delete those. It was a big hassle and an even larger annoyance.

    Just be careful if you're a Zen Cart user.
     
    BrassDash, Feb 14, 2010 IP
  2. wisdomtool

    wisdomtool Moderator Staff

    Messages:
    15,825
    Likes Received:
    1,367
    Best Answers:
    1
    Trophy Points:
    455
    #2
    Any particular vulnerability that you can share with us? Just a word of advice for those using shopping carts, CMSes and the like. These are extremely complicated pieces of software that need to be patched regularly to be secure. Do patch and back up regularly.
     
    wisdomtool, Feb 14, 2010 IP
  3. Fanthomas

    Fanthomas Guest

    Messages:
    3
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    The ones I use for shopping carts and CMS are very simple.

    Are they really that vulnerable? Does it help if I'm using longer passwords for my admin accounts? example: 341jjdak202
     
    Fanthomas, Feb 14, 2010 IP
  4. BrassDash

    BrassDash Peon

    Messages:
    239
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #4
    Like I said, the image files were the only vulnerable files we found after a thorough search. The hacker didn't get to our database or any other important part of the site.

    I am a newbie to eCommerce software, but can you explain what patching is?

    Thanks!
     
    BrassDash, Feb 15, 2010 IP
  5. webhost.uk.net

    webhost.uk.net Well-Known Member

    Messages:
    296
    Likes Received:
    9
    Best Answers:
    0
    Trophy Points:
    128
    #5

    Did you had 777 permission to images ..or nobody ownership..Thats the reason we allows tell our customers to upgrade to stable version.

    And on hosting end..do have suphp enabled to avoid 777 permission and avoid hack attempts.
     
    webhost.uk.net, Feb 15, 2010 IP
  6. Digilister

    Digilister Peon

    Messages:
    38
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #6
    That's right. You usually DON'T have to chmod any files or folders to 777, even if the instructions say so. A chmod of 777 makes it possible for anyone to write to the file or folder. Use 774 or even lower.
     
    Digilister, Feb 16, 2010 IP
  7. bdgbdg

    bdgbdg Member

    Messages:
    154
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    30
    #7
    Many are still making those very same mistakes...
     
    bdgbdg, Feb 16, 2010 IP
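
An added example, not written by any poster in this thread: a shell audit for the world-writable files and directories that posts #5 and #6 describe as the result of chmod 777. The function names and the demo tree (directory and file names) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): find what "chmod 777" leaves behind.

# Print regular files and directories under $1 that any local user can write to.
# Symlinks are skipped: they always report mode 777 and would be false positives.
list_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -print
}

# Number of world-writable entries under $1.
count_world_writable() {
    list_world_writable "$1" | wc -l | tr -d ' '
}

# Clear only the world-write bit; owner and group bits are left untouched.
strip_world_write() {
    find "$1" \( -type f -o -type d \) -perm -0002 -exec chmod o-w {} +
}

# Build a constructed sample web root and print its path.
make_demo_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/images" "$root/includes"
    : > "$root/images/product.jpg"
    : > "$root/includes/settings.php"
    chmod 777 "$root/images" "$root/images/product.jpg"   # the risky setting
    chmod 755 "$root/includes"
    chmod 644 "$root/includes/settings.php"
    ln -s "$root/includes" "$root/shortcut"               # must not be flagged
    printf '%s\n' "$root"
}

# Audit the directory given as $1, or the constructed tree when none is given.
if [ -n "${1:-}" ]; then
    list_world_writable "$1"
else
    demo=$(make_demo_tree)
    echo "world-writable before: $(count_world_writable "$demo")"
    list_world_writable "$demo"
    strip_world_write "$demo"
    echo "world-writable after:  $(count_world_writable "$demo")"
    rm -rf "$demo"
fi
```

When a directory is passed as the first argument the script only lists matches and changes nothing; `strip_world_write` runs only on the constructed tree.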