Post by masterkenobi » Thu Jan 10, 2019 3:37 pm

Hi,

My store is using Version 2.3.0.2 and I just found out one my categories description has been modified to include a spammy paragraph about casinos. Weird thing is only one category is affected out hundreds of categories I have. I suspect the hacker gained access to one of the user's account to make the changes. However, I need to confirm that by analyzing the activity log of each users. May I know where can I find such log in Opencart?

Newbie

Posts

Joined
Wed Aug 17, 2016 2:21 am

Post by OSWorX » Thu Jan 10, 2019 3:59 pm

OpenCart store activities only for Customers - and that setting has to be enabled first.
User (= backend) activities are never stored.
On the other side, customers do not have access to any backend functionality, and you should know your (backend) users and who is allowed what to do.

Forum Rules [en]: viewtopic.php?f=176&t=200480
Forumregeln [de]: viewtopic.php?f=37&t=114208
Commercial Request: viewforum.php?f=88

Image Image Image


User avatar
Guru Member
Online

Posts

Joined
Mon Jan 11, 2010 10:52 pm
Location - Austria

Post by masterkenobi » Thu Jan 10, 2019 4:13 pm

OSWorX wrote:
Thu Jan 10, 2019 3:59 pm
OpenCart store activities only for Customers - and that setting has to be enabled first.
User (= backend) activities are never stored.
On the other side, customers do not have access to any backend functionality, and you should know your (backend) users and who is allowed what to do.
I have few users and I was hoping to confirm the hack by tracing the activity for each users. I wonder why OC doesn't log users activities? This should come handy in cases like this.

Newbie

Posts

Joined
Wed Aug 17, 2016 2:21 am

Post by ADD Creative » Thu Jan 10, 2019 7:37 pm

You could look in your web access logs. Look for access to your admin login and then the item that was modified. You may not be able to work out which user account was used, but could confirm how the spam was added.

Change all your passwords if you haven't already.

There were reports of the same thing happening a while back with the problem possibly being a flaw in the theme being used.

www.add-creative.co.uk


Active Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom

Post by victorj » Sun Jan 13, 2019 6:41 am

I use piwik now matomo to monitor my website traffic, beside that i also have a seperate piwik install that only i can access that logs all admin activities.
Comes in very handy to monitor all admin activities

Koeltechnische deurrubbers eenvoudig online op maat bestellen.
Alle niet stekplichtige onderdelen zoals scharnieren, sloten, randverwarming en verlichting voor alle typen koelingen en vriezers.
https://koelcel-onderdelen.com

Koeltechnische deurrubbers eenvoudig online op maat bestellen.
Eigen productie en snelle levering.
https://123-deurrubbers.com


User avatar
Expert Member

Posts

Joined
Sat Jun 25, 2011 4:09 am
Location - Alkmaar Holland

Post by marianoitaliano » Wed Jan 23, 2019 5:18 pm

Your problem can be very serious because it will most probably it will:
- destroy your SERP
- happen again if you will not find the source
I would suggest making general checkup but also contact your hosting provider. In the worst scenarios, malicious code can be even installed on your server.

User avatar

Posts

Joined
Mon Jan 14, 2019 1:12 am


Post by johnp » Wed Jan 23, 2019 7:46 pm

Put Crawlprotect on. It helps stop hacks and SQL injections.

Opencart 1.5.6.5/Default Theme/VQMOD 2.6.1 lover, user and geek.
Fast Service for Opencart Installs, Fixing, Development and Upgrades plus Ecommerce, Marketing and More
https://asandwhenbusinessservices.co.uk
https://asandwhenbusinessservices.co.uk ... e-services


User avatar
Active Member

Posts

Joined
Fri Mar 25, 2011 10:25 am
Location - Surrey, UK
Who is online

Users browsing this forum: No registered users and 0 guests