Post by mrniss99 » Tue Mar 06, 2018 11:35 pm

I am sharing hosting space with a friend of mine. We both use Opencart Last week I had some strange pop up whenever I went to use my admin panel asking for billing information (see attached image). Last night it was brought to my attention that his site is getting the same pop up when a user goes to view a category. I have done some discovery with Fiddler but can not really come up with anything substantial. If anyone has any ideas we both would greatly appreciate the input.

Thanks in advance!



Thu Nov 21, 2013 1:28 am

Post by IP_CAM » Wed Mar 07, 2018 7:57 am

What Ideas, by just by looking at an image ? ???

Please don't send me OC Forum Personal Messages, just contact:
OC LIGHT Test Site:
OC V-PRO Test Site:
My Github OC Site:
2'600+ FREE OC Extensions on the World's largest Github OC Repository Archive Site.

User avatar
Legendary Member


Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by ADD Creative » Wed Mar 07, 2018 8:38 pm

A few things you could to do if you haven't already.

Change your hosting passwords including all FTP accounts that may have been created.
Change the OpenCart database user password (remember to update the two config.php files with the new password).
Check the files or your server have not been modified or new files added by comparing against a clean download of your version of OpenCart and any modifications.
Check your database for any injected code.
Lookup through your servers web access log for anything suspicious that may help you find where they are getting in.
Check the OpenCart error logs for anything suspicious.
Check for any additional admin accounts (and maybe name from the default of "admin" or better still create a new admin account and give full permission and then delete the default account).
Check your database can only be accessed from the relevant IP addresses.
Switch off displaying of errors in OpenCart on on your hosting (this has to be done in the admin and the config files in version 3).

I've seen sites attacked through week or stolen FTP passwords, vulnerabilities in extensions, ect.

Active Member


Sat Jan 14, 2012 1:02 am
Location - United Kingdom
Who is online

Users browsing this forum: No registered users and 2 guests