security

General discussion about AlegroCart - Post here if you can't find another suitable forum
Post Reply
rvcky
Posts: 14
Joined: Wed Jun 06, 2012 10:38 pm

security

Post by rvcky » Sat Jul 21, 2012 9:25 pm

Accoding to my web hosting logs some one accesed the admin section of the catalog and went to one of my products update page. Is there any way into the system (back door ext) other then through the c-panel or /admin sign in?
My hoster is looking into any posible breaches on the c-panel. I changed my user name and password and notised a demo user group. I deleted demo user. Is this a user that was put in by you or by the hacker.
After looking at the paypal module I notesed that the first 3 charecter of the token were not there. thats the Y2- Is it supposed to be left off or did the hackers change it ????

Thanks Jack

User avatar
leo
admin
Posts: 4320
Joined: Sun Dec 13, 2009 8:27 am
Location: Hungary

Re: security

Post by leo » Sun Jul 22, 2012 12:32 am

Could you send me your web hosting log in PM?

rvcky
Posts: 14
Joined: Wed Jun 06, 2012 10:38 pm

Re: security

Post by rvcky » Sun Jul 22, 2012 6:12 pm

I will copy paste it and email it to you if you have a email for me.

User avatar
leo
admin
Posts: 4320
Joined: Sun Dec 13, 2009 8:27 am
Location: Hungary

Re: security

Post by leo » Mon Jul 23, 2012 8:23 am

Sent in PM.

Post Reply