Post by alejstation » Tue Mar 22, 2016 11:33 am

Hi everyone, my online store (opencart 2.1.0.1) was attacked days ago. it´s the 6th time that someone is errasing categories and products. Luckily i have backups. I saw that when i login if i use admin or my email any passwork works!!! So the access is completely free. I changed the name of the folder "ADMIN" to prevent this hacker to login again, but i am afraid that he can list the folders of the website.
1. how can i prevent him from listing the root folders?
2. how can i correct this problem in the login (any password works using email and admin user (this users doesnt exist in the back panel... so i cant change it). I have only 1 user and it´s not any of this, so the hacker creates an open door to access the opencart.

I will appreciate a lot your help. Thanks!

Newbie

Posts

Joined
Tue Mar 22, 2016 11:25 am

Post by Johnathan » Wed Mar 23, 2016 3:52 am

1. Re-upload the original OpenCart files for your version. If it's a modification to one of those files, that should fix it.

2. If you still have the issue after that, disable any ocMods or vQmods on your site. Then start going through them one-by-one and see if any of them result in the issue you mention.

3. If you can't figure it out after that, consider hiring someone to take a look at it for you. If you need to find a developer, I recommend you post a request in the OpenCart "Commercial Support" forum, which is checked by a number of OpenCart developers. You can also try checking out the OpenCart "Partners" area.

Image
Image Image Image Image


User avatar
Global Moderator

Posts

Joined
Fri Dec 18, 2009 3:08 am


Post by pipoy » Wed Mar 23, 2016 10:16 am

Who did you hire last before it happens?
Disable his extension
change your FTP details

Active Member

Posts

Joined
Fri Mar 04, 2016 12:18 pm

Post by alejstation » Fri Apr 08, 2016 5:06 am

Thanks for your help, i will try that and see if it solves the problem. Sorry for taking so long to respond. :)

Newbie

Posts

Joined
Tue Mar 22, 2016 11:25 am

Post by alejstation » Fri Apr 08, 2016 9:07 am

The problem was solved. Seems that some file inside the system root folder was changed. Now everything is normal. Lets see if the hacker tries again to attack the store. Thank you all for your help.

Newbie

Posts

Joined
Tue Mar 22, 2016 11:25 am

Post by procheck » Fri Apr 08, 2016 10:17 pm

If you're using an Apache based server make sure you use an .htaccess file. I provided a link to get you started but do a search on this. http://www.thesitewizard.com/apache/pre ... cess.shtml

Another thing to look at is a firewall. Here's one to look at - http://nintechnet.com/ninjafirewall/. There are many more. While nothing is 100% at least you will stop the hacker wanna be's.

New member

Posts

Joined
Tue Jul 23, 2013 9:42 am
Who is online

Users browsing this forum: No registered users and 32 guests