Re: Admin Login - Urgent Help Needed!

Quote

Post by artcore » Tue Jun 21, 2016 2:31 am

@frishops
I wouldn't worry about it too much. If you're on a decent hoster it's *virtually* impossible to hack a site, providing you don't have any winky extensions that open up the gates. ddos/brute force is another story that can really bring down a site without much you can do about it unless you have access to tons of hardware.
But the main thing to do is first find out where any issue is coming from before blaming OC as it's pretty solid ;D

@straighlight
Thanks for confirming this :D

Attn: I no longer provide OpenCart extensions, nor future support - this includes forum posts.
Reason: OpenCart version 3+ ;D

Thanks!

User avatar
artcore
Active Member
Posts
1349
Joined
Tue Jul 09, 2013 4:13 am
Location - The Netherlands
Top

Re: Admin Login - Urgent Help Needed!

Quote

Post by ASP » Tue Jun 21, 2016 4:03 am

Response from my host:
You'd need SQL query logging to see that and unfortunately it wouldn't be feasible to enable that on a shared system I'm afraid. It would generate gigabytes of logs in just a few minutes.

In terms of the cause, three things to check first:-

1) OpenCart is fully up to date and patched
2) Any plugins/modules/components/theme you use is fully up to date with no known security vulnerabilitys
3) You have secure permissions set on any 'sensitive' files, e.g. 'config.php' should be set to 600 permissions for example.
ASP
New member
Posts
33
Joined
Fri Sep 11, 2015 11:35 pm
Top

Re: Hacked Account

Quote

Post by ASP » Tue Jun 21, 2016 4:47 pm

Unfortunately despite a previous commenter's assurance that the e-mail and PayPal account of the hacker was invalid, I have discovered that one transaction did go through to the hacker's PayPal account before I noticed the change and restored my settings.

I asked my customer to send me their payment confirmation e-mail and report the transaction:
mohcine.png

mohcine.png (14.84 KiB) Viewed 864 times

ASP
New member
Posts
33
Joined
Fri Sep 11, 2015 11:35 pm
Top

Re: Admin Login - Urgent Help Needed!

Quote

Post by i2Paq » Tue Jun 21, 2016 5:24 pm

We have no info on any previous "hacking" of your version by forcing a new Admin password.

If you are on a shared server/hosting it could be that you are compromised because of that.

Norman in 't Veldt
Moderator OpenCart Forums
_________________ READ and Search BEFORE POSTING _________________

Our FREE search: Find your answer FAST!.

[How to] BTW + Verzend + betaal setup.

User avatar
i2Paq
Global Moderator
Posts
12244
Joined
Mon Nov 09, 2009 7:00 pm
Location - Winkel - The Netherlands
Top

Re: Admin Login - Urgent Help Needed!

Quote

Post by Burt65 » Tue Jun 21, 2016 5:31 pm

You mean this Mohcine El khentour
khentour.JPG

khentour.JPG (93.75 KiB) Viewed 861 times

It shoundn't be very hard to track down... Ask Paypal to stop the transaction...

Over 95% of all computer problems can be traced back to the interface between the keyboard and the chair...

User avatar
Burt65
Active Member
Posts
650
Joined
Mon Nov 18, 2013 3:23 pm
Location - Oz
Top

Re: Admin Login - Urgent Help Needed!

Quote

Post by i2Paq » Tue Jun 21, 2016 6:16 pm

Oeps!

HacKër

Norman in 't Veldt
Moderator OpenCart Forums
_________________ READ and Search BEFORE POSTING _________________

Our FREE search: Find your answer FAST!.

[How to] BTW + Verzend + betaal setup.

User avatar
i2Paq
Global Moderator
Posts
12244
Joined
Mon Nov 09, 2009 7:00 pm
Location - Winkel - The Netherlands
Top
Post Reply
Return to “General Support”
Who is online

Users browsing this forum: No registered users and 36 guests