Hello,
my site images are hacked by
pharmacy100.co.uk
My site is hosted on Arvixe shared hosting plan. I have also reached out to them for help.
I have closed the store for now and deleted the settings.txt file that stores database connection info.
I am using latest nopcommerce 3.10
please help.
Thank you.
my site hacked by pharamacy100.co.uk
- 648
- 4441
- 11/20/2013
- Netherlands
use windows identity instead. Do not open your sql database for incoming piped names and tcp/ip traffic. If you are on a shared hosting plan you might run into problems. If nopcommerce would allow multiple store hosting, I would be the first to launch a dedicated server for low budget shared hosting to comfort the low traffic web sites in a good manner.
- 648
- 4441
- 11/20/2013
- Netherlands
Hi,
If you are hacked, you likely want to reset all users passwords and move to another fresh installed server.
It can also happen that the shared hosting party is sharing various systems on 1 server. Than you might have to be careful since the security of for instance php and iis are quite different. iis will block other files by default than php on an apache server.
J.
If you are hacked, you likely want to reset all users passwords and move to another fresh installed server.
It can also happen that the shared hosting party is sharing various systems on 1 server. Than you might have to be careful since the security of for instance php and iis are quite different. iis will block other files by default than php on an apache server.
J.
- 16
- 150
- 10/12/2013
- United States
beefydog wrote:
I have hosted my site on shared server at Arvixe.
The image link gets modified to...
src="http://www.pharmacy100.co.uk/content/images/thumbs/IMAGE_NAME_GOES_HERE"
IMAGE_NAME_GOES_HERE = Image name file you have given. Ex. log.jpg
Temp solution:
Log in as admin and "Clear Cache"
I see below attacks regularly...
The controller for path '/MyAdmin/scripts/setup.php' was not found or does not implement IController.
The controller for path '/myadmin/scripts/setup.php' was not found or does not implement IController.
The controller for path '/cgi-bin/php4' was not found or does not implement IController.
Thank you.
Can you explain the type of hack?
cross-site scripting? SQL injection?
cross-site scripting? SQL injection?
I have hosted my site on shared server at Arvixe.
The image link gets modified to...
src="http://www.pharmacy100.co.uk/content/images/thumbs/IMAGE_NAME_GOES_HERE"
IMAGE_NAME_GOES_HERE = Image name file you have given. Ex. log.jpg
Temp solution:
Log in as admin and "Clear Cache"
I see below attacks regularly...
The controller for path '/MyAdmin/scripts/setup.php' was not found or does not implement IController.
The controller for path '/myadmin/scripts/setup.php' was not found or does not implement IController.
The controller for path '/cgi-bin/php4' was not found or does not implement IController.
Thank you.
