Hello everyone, a person uploaded 3 files to my server, and after 3 days he deleted all the files on my server through files that were uploaded, I think through SQL injection or another method. He even deleted the files of other sites on the same server. How can I prevent this? How was he able to hack my store? Version number 3.0.3.7. Any solutions?
Weak or stolen passwords. Change all you passwords and delete any FTP or admin logins not being used.
Other sites on the same server. Make sure these are up to date and remove any that are no longer used.
Theme and extensions. There are a lot or poor quality themes and extension out there that may have a vulnerability. What themes and extensions are you using?
Check both the OpenCart and PHP error logs at the time the files were uploaded. Check your server, FTP and web access logs for anything suspicious.
Other sites on the same server. Make sure these are up to date and remove any that are no longer used.
Theme and extensions. There are a lot or poor quality themes and extension out there that may have a vulnerability. What themes and extensions are you using?
Check both the OpenCart and PHP error logs at the time the files were uploaded. Check your server, FTP and web access logs for anything suspicious.
Hi!icraown wrote: ↑Mon Oct 09, 2023 4:38 amHello everyone, a person uploaded 3 files to my server, and after 3 days he deleted all the files on my server through files that were uploaded, I think through SQL injection or another method. He even deleted the files of other sites on the same server. How can I prevent this? How was he able to hack my store? Version number 3.0.3.7. Any solutions?
You can look at access logs to know what likely/exactly happened. Look at the basic security particles here. I recommend you change all passwords, rename all users and reinstall opencart. If situation will happen again a can help with that.
My FREE extensions in marketplace. [ security | flexibility | speedup ]
A standard OpenCart does not have any known SQL vulnerabilities. Check your extensions, change all your passwords, and check your server's raw access logs to exactly what requests the attacker sent to your website.
Export/Import Tool * SpamBot Buster * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Tag Manager * Survey Plus * OpenTwig
I always install Ninja Firewall on my OC sites. It blocks hack attempts.icraown wrote: ↑Mon Oct 09, 2023 4:38 amHello everyone, a person uploaded 3 files to my server, and after 3 days he deleted all the files on my server through files that were uploaded, I think through SQL injection or another method. He even deleted the files of other sites on the same server. How can I prevent this? How was he able to hack my store? Version number 3.0.3.7. Any solutions?
https://nintechnet.com/ninjafirewall/pro-edition
Opencart 1.5.6.5/OC Bootstrap Pro/VQMOD lover, user and geek.
Affordable Service £££ - Opencart Installs, Fixing, Development and Upgrades
Plus Ecommerce, Marketing, Mailing List Management and More
FREE Guidance and Advice at https://www.ecommerce-help.co.uk
Who is online
Users browsing this forum: No registered users and 2 guests
