Post by artcore » Tue Jun 21, 2016 2:31 am

@frishops
I wouldn't worry about it too much. If you're on a decent hoster it's *virtually* impossible to hack a site, providing you don't have any winky extensions that open up the gates. ddos/brute force is another story that can really bring down a site without much you can do about it unless you have access to tons of hardware.
But the main thing to do is first find out where any issue is coming from before blaming OC as it's pretty solid ;D

@straighlight
Thanks for confirming this :D

Attn: I no longer provide OpenCart extensions, nor future support - this includes forum posts.
Reason: OpenCart version 3+ ;D

Thanks!


User avatar
Active Member

Posts

Joined
Tue Jul 09, 2013 4:13 am
Location - The Netherlands

Post by ASP » Tue Jun 21, 2016 4:03 am

Response from my host:
You'd need SQL query logging to see that and unfortunately it wouldn't be feasible to enable that on a shared system I'm afraid. It would generate gigabytes of logs in just a few minutes.

In terms of the cause, three things to check first:-

1) OpenCart is fully up to date and patched
2) Any plugins/modules/components/theme you use is fully up to date with no known security vulnerabilitys
3) You have secure permissions set on any 'sensitive' files, e.g. 'config.php' should be set to 600 permissions for example.

ASP
New member

Posts

Joined
Fri Sep 11, 2015 11:35 pm

Post by ASP » Tue Jun 21, 2016 4:47 pm

Unfortunately despite a previous commenter's assurance that the e-mail and PayPal account of the hacker was invalid, I have discovered that one transaction did go through to the hacker's PayPal account before I noticed the change and restored my settings.

I asked my customer to send me their payment confirmation e-mail and report the transaction:
mohcine.png

mohcine.png (14.84 KiB) Viewed 499 times


ASP
New member

Posts

Joined
Fri Sep 11, 2015 11:35 pm

Post by i2Paq » Tue Jun 21, 2016 5:24 pm

We have no info on any previous "hacking" of your version by forcing a new Admin password.

If you are on a shared server/hosting it could be that you are compromised because of that.

Norman in 't Veldt
Moderator OpenCart Forums

_________________ READ and Search BEFORE POSTING _________________

Our FREE search: Find your answer FAST!.

[How to] BTW + Verzend + betaal setup.


User avatar
Global Moderator

Posts

Joined
Mon Nov 09, 2009 7:00 pm
Location - Winkel - The Netherlands

Post by Burt65 » Tue Jun 21, 2016 5:31 pm

You mean this Mohcine El khentour
khentour.JPG

khentour.JPG (93.75 KiB) Viewed 496 times

It shoundn't be very hard to track down... Ask Paypal to stop the transaction...

Over 95% of all computer problems can be traced back to the interface between the keyboard and the chair...


User avatar
Active Member

Posts

Joined
Mon Nov 18, 2013 3:23 pm
Location - Oz

Post by i2Paq » Tue Jun 21, 2016 6:16 pm

Oeps!

HacKër

Norman in 't Veldt
Moderator OpenCart Forums

_________________ READ and Search BEFORE POSTING _________________

Our FREE search: Find your answer FAST!.

[How to] BTW + Verzend + betaal setup.


User avatar
Global Moderator

Posts

Joined
Mon Nov 09, 2009 7:00 pm
Location - Winkel - The Netherlands
Who is online

Users browsing this forum: No registered users and 14 guests