my site images are hacked by
My site is hosted on Arvixe shared hosting plan. I have also reached out to them for help.
I have closed the store for now and deleted the settings.txt file that stores database connection info.
I am using latest nopcommerce 3.10
Can you explain the type of hack?
cross-site scripting? SQL injection?
use windows identity instead. Do not open your sql database for incoming piped names and tcp/ip traffic. If you are on a shared hosting plan you might run into problems. If nopcommerce would allow multiple store hosting, I would be the first to launch a dedicated server for low budget shared hosting to comfort the low traffic web sites in a good manner.
For my client account same issue did too . Setting files in shared hosting hacked . Then shut down site . Then changed and fixed .
If you are hacked, you likely want to reset all users passwords and move to another fresh installed server.
It can also happen that the shared hosting party is sharing various systems on 1 server. Than you might have to be careful since the security of for instance php and iis are quite different. iis will block other files by default than php on an apache server.
OK. Somebody tries opening these links. They don't exist and hence appropriate records are added to log. You can ignore these log messages. It doesn't mean that your site was hacked.