Post
by ADD Creative » Wed Mar 07, 2018 8:38 pm
A few things you could to do if you haven't already.
Change your hosting passwords including all FTP accounts that may have been created.
Change the OpenCart database user password (remember to update the two config.php files with the new password).
Check the files or your server have not been modified or new files added by comparing against a clean download of your version of OpenCart and any modifications.
Check your database for any injected code.
Lookup through your servers web access log for anything suspicious that may help you find where they are getting in.
Check the OpenCart error logs for anything suspicious.
Check for any additional admin accounts (and maybe name from the default of "admin" or better still create a new admin account and give full permission and then delete the default account).
Check your database can only be accessed from the relevant IP addresses.
Switch off displaying of errors in OpenCart on on your hosting (this has to be done in the admin and the config files in version 3).
I've seen sites attacked through week or stolen FTP passwords, vulnerabilities in extensions, ect.
www.add-creative.co.uk