Post by guidone » Wed Sep 01, 2021 9:52 pm

Hi,

today someone or some bot changed my admin username and password.
Someone has had this bad experience?
To protect my /admin folder i use this extension:
https://www.opencart.com/index.php?rout ... n_id=24045
and also i protected via Plesk panel my /admin folder with extra username and password see: https://prnt.sc/1qyfjxi

how could this happen and why? sql injection?
how can i prevent future attacks?

Thank you in advance for your suggestions!

User avatar
New member

Posts

Joined
Thu Mar 28, 2013 7:39 pm

Post by JNeuhoff » Wed Sep 01, 2021 10:04 pm

Restore your database, or at least the oc_user table, from a backup, to gain access again to your OpenCart admin.

Then look through the server's access logs to see whether there were any suspicious activities.

You may have to switch to a better webhost, too.

Export/Import Tool * SpamBot Buster * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Tag Manager * Survey Plus * OpenTwig


User avatar
Guru Member

Posts

Joined
Wed Dec 05, 2007 3:38 am


Post by guidone » Wed Sep 01, 2021 10:13 pm

Thank you, i'm on shared hosting, do you think i have to ask them to restrict access to my db to localhost only?

User avatar
New member

Posts

Joined
Thu Mar 28, 2013 7:39 pm

Post by straightlight » Wed Sep 01, 2021 10:42 pm

guidone wrote:
Wed Sep 01, 2021 10:13 pm
Thank you, i'm on shared hosting, do you think i have to ask them to restrict access to my db to localhost only?
Protecting the admin folder won't change anything based on the database connection method itself. However, by default, the DB connection's hostname should always be set to localhost by your host. Not to a remote IP address nor hostname.

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by guidone » Wed Sep 01, 2021 11:08 pm

Hi,
thanks for your reply.
If i set hostname to localhost i will be able to access my db through PhpMyAdmin only?
I will no longer be able to access through external applications or backup cloud services for backup, is this correct?

Thanks

User avatar
New member

Posts

Joined
Thu Mar 28, 2013 7:39 pm

Post by by mona » Wed Sep 01, 2021 11:15 pm

I am not sure I understand what you are suggesting because your database has to be accessed - without the database there is no access to anything, just a bunch of pages with no information ?

DISCLAIMER:
You should not modify core files .. if you would like to donate a cup of coffee I will write it in a modification for you.


https://www.youtube.com/watch?v=zXIxDoCRc84


User avatar
Expert Member

Posts

Joined
Mon Jun 10, 2019 9:31 am

Post by straightlight » Thu Sep 02, 2021 1:16 am

guidone wrote:
Wed Sep 01, 2021 11:08 pm
Hi,
thanks for your reply.
If i set hostname to localhost i will be able to access my db through PhpMyAdmin only?
I will no longer be able to access through external applications or backup cloud services for backup, is this correct?

Thanks
That would be normally correct since this method is already not suggested to be used on anyhow. The use of REST APIs are considered the best practices these days.

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON
Who is online

Users browsing this forum: No registered users and 46 guests