Comments on: osCommerce v2.2 Website Infections http://wewatchyourwebsite.com/wordpress/2010/07/oscommerce-v2-2-website-infections/ Website Security Mon, 16 Apr 2012 17:46:24 +0000 hourly 1 http://wordpress.org/?v=3.3.2 By: admin http://wewatchyourwebsite.com/wordpress/2010/07/oscommerce-v2-2-website-infections/#comment-86 admin Mon, 30 Aug 2010 14:19:02 +0000 http://www.wewatchyourwebsite.com/wordpress/?p=372#comment-86 If you wouldn't mind, for the benefit of our readers, what specifically do you look for in your raw server logs? And should our readers look for these raw server logs? Are you on a shared server? Please provide details, if you would. If you wouldn’t mind, for the benefit of our readers, what specifically do you look for in your raw server logs?

And should our readers look for these raw server logs?

Are you on a shared server?

Please provide details, if you would.

]]> By: mommaroodles http://wewatchyourwebsite.com/wordpress/2010/07/oscommerce-v2-2-website-infections/#comment-83 mommaroodles Sat, 28 Aug 2010 20:55:19 +0000 http://www.wewatchyourwebsite.com/wordpress/?p=372#comment-83 You could just remove the file_manger and related code from the site - its not all that necessary anyway and no one used it to edit files anyway - well not to my knowledge. There is also .htaccess file which can be used - I find banning entire countries also quite effective, reading your raw server log files tell you a lot. I try to ready them at least once a week, preferably every 2 days or so. You could just remove the file_manger and related code from the site – its not all that necessary anyway and no one used it to edit files anyway – well not to my knowledge.

There is also .htaccess file which can be used – I find banning entire countries also quite effective, reading your raw server log files tell you a lot. I try to ready them at least once a week, preferably every 2 days or so.

]]> By: admin http://wewatchyourwebsite.com/wordpress/2010/07/oscommerce-v2-2-website-infections/#comment-63 admin Tue, 06 Jul 2010 16:21:37 +0000 http://www.wewatchyourwebsite.com/wordpress/?p=372#comment-63 Thank you. Sometimes the inconvenience of double login, can pay for itself in added security. Nice tip. Thank you. Sometimes the inconvenience of double login, can pay for itself in added security. Nice tip.

]]> By: Andras Virag http://wewatchyourwebsite.com/wordpress/2010/07/oscommerce-v2-2-website-infections/#comment-62 Andras Virag Tue, 06 Jul 2010 14:31:25 +0000 http://www.wewatchyourwebsite.com/wordpress/?p=372#comment-62 For the file disclosure vulnerability you can secure the admin folder with htpasswd. It works. Yeah, double login, but at least it's a workaround. Other than that it's a good find I wasn't aware myself. Thank you! For the file disclosure vulnerability you can secure the admin folder with htpasswd. It works. Yeah, double login, but at least it’s a workaround.
Other than that it’s a good find I wasn’t aware myself. Thank you!

]]>