I dug around and found the pp_pro.php file was hacked with one line that sends $request() to a hacker.
I am not sure how they did this as even the last modified date didn't change.
Anyone have this happen to them? how did you secure the site? my host isn't very helpful
thanks
The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.
F. Rules:
- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804
Regards,
Straightlight
The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.
F. Rules:
- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804
Regards,
Straightlight
How about using SSL certificates will it not be useful ?straightlight wrote: ↑Sun Oct 14, 2018 1:06 am444 would be the lease but not effective for all PCI servers. However, since we're looking at a network attack enquiry, contacting your host would be the best option.
Always help others it's always come back, give and receive
SSL certificates does provide security to users when browsing but has nothing to do with potential network attacks.khnaz35 wrote: ↑Sun Oct 14, 2018 1:03 pmHow about using SSL certificates will it not be useful ?straightlight wrote: ↑Sun Oct 14, 2018 1:06 am444 would be the lease but not effective for all PCI servers. However, since we're looking at a network attack enquiry, contacting your host would be the best option.
The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.
F. Rules:
- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804
Regards,
Straightlight
Good to know that, how about Sitelockstraightlight wrote: ↑Sun Oct 14, 2018 7:37 pmSSL certificates does provide security to users when browsing but has nothing to do with potential network attacks.khnaz35 wrote: ↑Sun Oct 14, 2018 1:03 pmHow about using SSL certificates will it not be useful ?straightlight wrote: ↑Sun Oct 14, 2018 1:06 am444 would be the lease but not effective for all PCI servers. However, since we're looking at a network attack enquiry, contacting your host would be the best option.

Always help others it's always come back, give and receive
But this is what I have: https://www.getastra.com/blog/911/how-t ... ware-hack/
and it's not getting fixed no matter what i do.
If it's what you have and worry about security issues, using integrated platforms into Opencart or vice-versa is unsupported on the forum since it includes this reason and this reason on being about security issues outside the scope of Opencart. If your host mentions that Opencart is not safe, it's because no mention has been provided to them regarding integrated platforms. Which is why, using remote APIs / Webservices are the best option via SSL so to avoid high levels and potential risks through the network. Since Magento does not provide those services, at least not out of the box, not an issue with Opencart period.xaappx1 wrote: ↑Mon Oct 15, 2018 8:31 amThe host is blaming OpenCart, saying it's not secure. I'm really not sure who to believe.
But this is what I have: https://www.getastra.com/blog/911/how-t ... ware-hack/
and it's not getting fixed no matter what i do.
The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.
F. Rules:
- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804
Regards,
Straightlight
A few other thing you could do.
Compare the files on your server to a clean version of the same version of OpenCart or a original backup. See if any files have been added that give access to your site.
Look through your web access logs for any suspicious activity around the time the hack was added.
Look through your servers FTP logs for any access that isn't you. You may need to ask your host for these.
I would clean out all your hacked files, reset all the site folder and file permissions to 755 and 644 respectively then install Crawlprotect and keep that up to date via its own control panel at least weekly but daily if you can.
Also, if you can manage it maybe upgrade your OC to 1.5.6.5.
Opencart 1.5.6.5/Default Theme/VQMOD 2.6.1 lover, user and geek.
Fast Service for Opencart Installs, Fixing, Development and Upgrades plus Ecommerce, Marketing and More
https://asandwhenbusinessservices.co.uk
https://asandwhenbusinessservices.co.uk ... e-services
Users browsing this forum: Baidu [Spider], Google [Bot] and 54 guests