This is a discussion on Security Issues..still? within the osCMax v2 Features Discussion forums, part of the osCMax v2.0 Forums category.
#1
Hi all,

We're still having problems with spamming via our OSCmax sites. I've done the security issues as far as I'm aware, or perhaps they were done already in my version? There are loads of '// EOF: MS2 update 501112-Added ' comments in general.php etc., so I'm assuming they're done.

Anyway, we're STILL getting blocks for email flooding on our OSC accounts. Are there any security issues which have been overlooked? Is it possible that the Admin levels contrib is being exploited and emails are being sent from the admin panel?

I really need to sort this. Has anyone any pointers, or can anyone confirm if the 501112 security updates really are secure?

Thanks
#2
Are you asking about the "Contact us" part? Or are you just getting a lot of SPAM in your inbox?

Things to do:
- Change your email address. ONLY use a certain email box for your automated MAX mailing to yourself.
- Use a different box for emails going out to users, i.e. an "Automated email - do not reply - as you don't check this mailbox" type of mailbox.
- Secure your ADMIN and SQL passwords (change both passwords).
- Move the ADMIN to another DIR, i.e. /catalog/secret_dir/that_is/hard_to_guess/admin..... (remember to bookmark it!)
- Remove the contact us screen. Or add a human confirmation code.

__________________
JPF - osCMax Forum Moderator
Try out our osCMax at: Live Catalog Demo
Limited access Admin: Live Admin Demo
Feel free to add products the way you want and then purchase them -=+=- Sorry nothing will be billed or shipped!
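
The "human confirmation code" suggested in the reply above only slows automated form abuse if it is generated and checked on the server, is single-use, and expires. A sketch of that check in PHP, added here as an illustration: it is not osCMax code or part of the thread, and the function names, code length, lifetime and retry limit are assumptions.

```php
<?php
// Added example (not osCMax code): server-side human confirmation code
// for a contact form. All names and limits below are hypothetical.
declare(strict_types=1);

const CONFIRM_TTL = 600;      // seconds a code stays valid (assumed value)
const CONFIRM_MAX_TRIES = 3;  // wrong guesses allowed per code (assumed value)

/** Create a code, store it server-side, return it for rendering as an image. */
function confirm_issue(array &$session, int $now): string
{
    $alphabet = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789'; // no 0/O or 1/I look-alikes
    $code = '';
    for ($i = 0; $i < 6; $i++) {
        $code .= $alphabet[random_int(0, strlen($alphabet) - 1)]; // CSPRNG
    }
    $session['confirm'] = ['code' => $code, 'issued' => $now, 'tries' => 0];
    return $code;
}

/** Check a submitted code; a code is discarded once used, expired or guessed at too often. */
function confirm_check(array &$session, string $submitted, int $now): bool
{
    $c = $session['confirm'] ?? null;
    if (!is_array($c) || $now - $c['issued'] > CONFIRM_TTL) {
        unset($session['confirm']);          // nothing issued, or expired
        return false;
    }
    // Constant-time comparison of the stored code with the normalised input.
    $ok = hash_equals($c['code'], strtoupper(trim($submitted)));
    if ($ok || ++$c['tries'] >= CONFIRM_MAX_TRIES) {
        unset($session['confirm']);          // single use, or too many wrong guesses
    } else {
        $session['confirm'] = $c;            // keep the incremented try count
    }
    return $ok;
}

// Constructed demo: a plain array stands in for $_SESSION.
$session = [];
$code = confirm_issue($session, 1000);
var_dump(confirm_check($session, 'WRONG1', 1010)); // a wrong guess
var_dump(confirm_check($session, $code, 1020));    // the issued code
var_dump(confirm_check($session, $code, 1030));    // the same code submitted again
```

In a real form handler the mail is sent only when `confirm_check()` returns true, and a fresh code is issued every time the form is rendered.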
#4
I just ran a ScanAlert scan on my OSCMax domain, and they said:

" WebApp Cross Site Scripting The remote web application appears to be vulnerable to cross site scripting (XSS). "

This was only two days ago...

...but they also misidentified the application as CubeCart

Thanks,
K