Shopping Cart Software
Oscmax spam
This is a discussion on Oscmax spam within the osCMax v2 Installation issues forums, part of the osCMax v2.0 Forums category; I hope this is okay to post in this forum, I believe it may be. I have a functioning oscmax ...
| |||||||
| Register | FAQ | Members List | Calendar | Mark Forums Read |
|
#1
03-16-2008, 10:38 AM
| |||
| |||
 Oscmax spam I hope this is okay to post in this forum, I believe it may be. I have a functioning oscmax site, and recently started analyzing the server logs alot. I see an amount of visits that are to "http://mysite.com /index.php?cName=http:/spamsite.com/images?", Mysite.com is the pseudonym I will use for my site name, and the spamsite.com replaces their names. There are many names that are there. I wonder: 1: is oscmax vulnerable to something here, 2: is there something that I can add to my .htacess that denies these types of visits. I would appreciate if you can point me in the right direction, Jose Manuel      |
|
#3
03-17-2008, 05:03 AM
| |||
| |||
| Re: Oscmax spam Thanks Neil. Unfortunately, I do not have cpanel. Is it possible to do this with htaccess? |
|
#4
03-17-2008, 01:36 PM
| ||||
| ||||
 Re: Oscmax spam Google .htaccess block images Pages of results like: Preventing Image Bandwidth Theft With .htaccess (thesitewizard.com) Back up your .htaccess first before making any changes! |
|
#5
03-18-2008, 07:35 AM
| |||
| |||
| Re: Oscmax spam That is useful, and I found some good information that I used to protect my images in the htaccess. I made the changes, and in a few hours will know if this is a solution, but I am not sure, as the activity in my traffic program is not watching the images, it is watching my urls for pages, and they are grabbing: http://mysite.com/index.php?cName=ht...u/rumusic.wav? |
|
#6
03-18-2008, 01:01 PM
| |||
| |||
| Re: Oscmax spam Well, while I am glad to protect my images, this spam is still coming in. It is strange, the link does not seem to do anything. Any thoughts on what it does, what it is called (so I can search on it), and how to stop it? |
|
#7
03-18-2008, 04:19 PM
| ||||
| ||||
| Re: Oscmax spam You can block the ip address it is coming from, using .htaccess as well. Do a similar google search on block the ip address .htaccess Results like Clockwatchers - .htaccess Tutorial - Block An IP Address Spammers tend to change their IP addresses so it will be an ongoing process.
__________________ HTH Neil www.12website.com "You can have everything in life that you want if you will just help enough other people get what they want." Zig Ziglar |
|
#8
03-18-2008, 07:04 PM
| |||
| |||
| Re: Oscmax spam Thanks Neil. Your comments are all good, but given that they keep coming from different IP addresses, I gave up on trying that. However, I did find a website earlier, called blockacountry.com, which creates a list of IP ranges structured for my htaccess, which will block all undesirable countries from my site. I hope I am not accidentally blocking any clients in my wanted country. This still does not fix the fear of this problem, and why they seem to be increasing this type of attack. |
|
#9
03-19-2008, 09:59 AM
| |||
| |||
| Re: Oscmax spam I've been seeing the same sort of thing on my sites, and found this thread which addresses a possible solution: infobox passing unfriendly URL with SQL hack script - Help - osCommerce Community Support Forums I don't have cPanel, so am having to install mod_security the "old-fashioned" way. Googling "mod_security install" gives some decent installation instructions as well as recommended configurations. My hosting tech support folks suggested: "Where we don't provide Mod_security as one of our services, there is an alternative to help prevent these scripts from running. You will have to go into your php.ini file and turn allow_url_fopen off. This will make it so Apache does not treat url's like http://amymusicgirl.h17.ru/mysong.txt as a file. By not treating it as a file it won't execute any of the code located on the url." Unfortunately, turning "allow_url_fopen" to off blew up both my sites because of the rss news feeds on them plus didn't allow the SEO Assistant contrib to function, so I had to turn it back on. It may work for you, however. I hope this helps to give you some things to look at . Bob |
| The Following User Says Thank You to BobH For This Useful Post: | ||
josemanuel (03-19-2008) | ||
|
#10
03-20-2008, 07:28 PM
| |||
| |||
| Re: Oscmax spam I know that this is not a vulnerability, but it was making it very hard for me to track my traffic. So, I kept working it, actually googled part of the source of this attempted old fashioned hack. I found this that helped alot After 3 great years, I'm being hacked! - osCommerce Community Support Forums. I posted the following into my application_top, and it seems to help: // redirect attempted remote file include exploits if (strpos(strtolower($_SERVER['QUERY_STRING']),'http:') !== false){ header("Location: http://www.othersite.com"); exit; } |
 |
| Thread Tools | |
| |
| ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| PM Spam to some of our members - 10-17-07 | michael_s | Announcements | 0 | 10-17-2007 12:05 PM |
| Spam being sent from my site mailbox | warrenthewindmill | osCMax v2 Installation issues | 6 | 01-17-2007 10:25 AM |
| empty mails after spam fix in general.php | Sander | osCMax v2 Customization/Mods | 1 | 09-26-2005 04:37 AM |
| Spam flaw in stock contact_us.php | neil | osCMax v2 Customization/Mods | 0 | 09-14-2005 05:57 PM |
All times are GMT -8. The time now is 07:57 AM.
