Post by ghostdog87 » Fri Aug 17, 2012 10:59 am

----------solved

Active Member

Posts

Joined
Wed Mar 07, 2012 12:31 pm

Post by asphole » Fri Aug 17, 2012 11:41 am

What was the issue as your statement about oc being insecure may leave some people concerned. I assume you actually traced the hack to OC and ruled out cpanel/ftp etc?

Active Member

Posts

Joined
Mon Mar 14, 2011 9:33 am

Post by ghostdog87 » Fri Aug 17, 2012 11:43 am

I contacted arvixe´s support which is the hosting service im using, and they restored the site..
but i was freaking out because an iraqi terrorist image appeared with some weird text and the store was unacccessible for 15 min.
I didnt get much detail about what they did at arvixe to solve it but the restored everyting as it was before, and now the site is working fine

Active Member

Posts

Joined
Wed Mar 07, 2012 12:31 pm

Post by asphole » Fri Aug 17, 2012 11:53 am

I'd look into that further as its possible that whatever exploit they used has already left backdoors. I had a zencart site hacked a couple of years back and you wouldnt believe how many re-entry points were left. As the hackers hacked in and waited a week or so before doing anything my hosts wekkly backup had all the exploits nicely backed up for them!! I had to go through thousands of files looking for hacker added code and had to rebuild the server to get it clean. I would ask Arvixe how entry was made and ask then to scan the server!

Active Member

Posts

Joined
Mon Mar 14, 2011 9:33 am

Post by ghostdog87 » Fri Aug 17, 2012 12:01 pm

Can you offer that service for my website? I dont have any programming skills
I need to make it as secure as it can possibly be
Thanks

Active Member

Posts

Joined
Wed Mar 07, 2012 12:31 pm

Post by asphole » Sat Aug 18, 2012 10:04 pm

Hi ghostdog87,

Unfortunately I just don't have the time I'm afraid as my workload at the moment is crazy stupid! Things you can do for yourself howerver:

Are you on a vps or shared server? If VPS ask your host tor ebuild the server and add as much security as possible. Anti-Virus, Firewall etc. You wouldn't believe how many hosts simply set up VPS with absolutely no security. Also ask to have as many notifications as possible with regard to malicious scripts and logins. My vps is set to email me if anyone logs in. I also get email alerts showing which files are capable of sending email. (Usually a hacker will modify login pages to email themselves whenever an admin changes his password!)

If its shared hosting ask them to confirm in writing that the account is virus/malware/hack free. (Most dont want to put it in writing before ensuring it is!)

With regard to your files. One way is to simply ftp into your site and navigate through each folder looking for files that have been recently modifield. (sort by 'date modified' in ftp software) If you see a file that has recently been changed and you know you didnt do it, download it, open it and look for hacker code. Usually it will be email scripts or heavily encrypted code) To be safe just upload a good clean copy of the file.

If you dont get anywhere with your host let me know and I'll recommend a very good company with excellent support. I'll also let you know which av/scanning software I have installed) I'm just off out but should be online again at some point tonight.

Good luck.

PS:Alternatively I know there are also a couple of very experienced oc users/developers with far more server security expertise than me that may take this on for you so maybe consider posting a request for help in a different sub forum? (I had to learn the hard way!! ie: when a host says your VPS will be secured and have all the latest security on place dont frickin believe them!!) ( over 9 years on shared hosting and no problem, 3 days on a VPS and bam!!)

Active Member

Posts

Joined
Mon Mar 14, 2011 9:33 am

Post by ghostdog87 » Sun Aug 19, 2012 12:12 pm

Ok! Thanks for the info

Excuse me, do you know whats this

Theres a txt file called robots in public html root, with this text inside

#Begin Attracta SEO Tools Sitemap. Do not remove
sitemap: http://cdn.attracta.com/sitemap/2487390.xml.gz
#End Attracta SEO Tools Sitemap. Do not remove

Active Member

Posts

Joined
Wed Mar 07, 2012 12:31 pm
Who is online

Users browsing this forum: No registered users and 77 guests