Copy link to clipboard
Copied
I have been transferring a shopping cart (zen cart) web site from a different server and hosting company. I am very concerned about security issues because the site has been hacked. Once a web site has been hacked, what kind of things should be doing to make the site secure again?
Here are some concerns: the owner is getting about 30 to 50 bounce back emails. The From line has the email address of the former hosting company. I suspect the only thing to do is to change the email address.
At one point, the configure file was changed: the username and password for the database. I changed the username and password but a customer called and said that she ordered a product the other day and it came from a different company from a different state.
So, obviously the site has been hacked and needs to be secure. The payment method is by credit card through Authorize.net.
What do I need to do to make sure this site is secure?
Copy link to clipboard
Copied
Hi
This is just one of the problems with open source software, anyone and everyone has access to the code and knows what the folder and file names are that they must change for re-direct of sales/payment and often worse the name of the database connections folder and default connection file name, (they often then only require to 'hack' the password).
Unfortunately many people keep a simple user name and password for the web site, which is often simple to guess or hack. As an example the ftp connection is in most cases relatively simple to hack, (there are many password hack programs available on the web, free) the user name is often a simple variation of the site name, with a password set to something similar to the site name or owners name, (the owners name is available from Internic or similar service).
At the very least - download a copy of the database, change the log-in details for the site and database, set up a completely new zen cart site using completely new files, (save any custom designs, css etc. and 'import to new set-up). Do not use any old server side script files unless you are certain they have not been changed, check your database for unauthorized changes, and then upload the 'new' database and files.
The email bounce back is quite common if the sender name is not one that is from the hosting servers email accounts, and is probably one of the reasons why many people simply 'give-up' trying to get such items to work. The idea behind the restriction is to stop spammers using your email account to send bulk emails via your server.
There is much more you could do, but this would depend on the size and traffic of the site, (cost effectiveness).
PZ
Copy link to clipboard
Copied
Hi pziecina,
I appreciate your response, as always.
John