Hi,
My store is using Version 2.3.0.2 and I just found out one my categories description has been modified to include a spammy paragraph about casinos. Weird thing is only one category is affected out hundreds of categories I have. I suspect the hacker gained access to one of the user's account to make the changes. However, I need to confirm that by analyzing the activity log of each users. May I know where can I find such log in Opencart?
My store is using Version 2.3.0.2 and I just found out one my categories description has been modified to include a spammy paragraph about casinos. Weird thing is only one category is affected out hundreds of categories I have. I suspect the hacker gained access to one of the user's account to make the changes. However, I need to confirm that by analyzing the activity log of each users. May I know where can I find such log in Opencart?
OpenCart store activities only for Customers - and that setting has to be enabled first.
User (= backend) activities are never stored.
On the other side, customers do not have access to any backend functionality, and you should know your (backend) users and who is allowed what to do.
User (= backend) activities are never stored.
On the other side, customers do not have access to any backend functionality, and you should know your (backend) users and who is allowed what to do.
Full Stack Web Developer :: Dedicated OpenCart Development & Support DACH Region
Contact for Custom Work / Fast Support.
I have few users and I was hoping to confirm the hack by tracing the activity for each users. I wonder why OC doesn't log users activities? This should come handy in cases like this.OSWorX wrote: ↑Thu Jan 10, 2019 3:59 pmOpenCart store activities only for Customers - and that setting has to be enabled first.
User (= backend) activities are never stored.
On the other side, customers do not have access to any backend functionality, and you should know your (backend) users and who is allowed what to do.
You could look in your web access logs. Look for access to your admin login and then the item that was modified. You may not be able to work out which user account was used, but could confirm how the spam was added.
Change all your passwords if you haven't already.
There were reports of the same thing happening a while back with the problem possibly being a flaw in the theme being used.
Change all your passwords if you haven't already.
There were reports of the same thing happening a while back with the problem possibly being a flaw in the theme being used.
I use piwik now matomo to monitor my website traffic, beside that i also have a seperate piwik install that only i can access that logs all admin activities.
Comes in very handy to monitor all admin activities
Comes in very handy to monitor all admin activities
Koeltechnische deurrubbers eenvoudig online op maat bestellen.
Alle niet stekplichtige onderdelen zoals scharnieren, sloten, randverwarming en verlichting voor alle typen koelingen en vriezers.
https://koelcel-onderdelen.com
Your problem can be very serious because it will most probably it will:
- destroy your SERP
- happen again if you will not find the source
I would suggest making general checkup but also contact your hosting provider. In the worst scenarios, malicious code can be even installed on your server.
- destroy your SERP
- happen again if you will not find the source
I would suggest making general checkup but also contact your hosting provider. In the worst scenarios, malicious code can be even installed on your server.
Put Crawlprotect on. It helps stop hacks and SQL injections.
Opencart 1.5.6.5/OC Bootstrap Pro/VQMOD lover, user and geek.
Affordable Service £££ - Opencart Installs, Fixing, Development and Upgrades
Plus Ecommerce, Marketing, Mailing List Management and More
FREE Guidance and Advice at https://www.ecommerce-help.co.uk
Who is online
Users browsing this forum: No registered users and 41 guests