I don't see any patches when I log in. Is this for all versions? We're using multi vendor
Path is in the "Update" folder of your filearea. If you can not find it, please PM me the email address you use to log in to Help desk.
For Multi-Vendor there should be take some extra actions besides the uploading auth.pre.php you should modify the app/functions/fn.users.php file, find this line:
So I am doing some log analysis to see if we were compromised.
From how I read the code all the account creation data would go through a POST though right? And it would of returned a valid HTTP response I think? its hard to test in my dev environment right now.
So I don't think theres an real way to see if the a hack was attempted via logs. You can't rely on the admin accounts because someone who knew what they were doing would of deleted the account after they created it.
The best approach seems to just gather all the IP's people tried to access our admin file from and check them against known goods. If you changed the name and required https this should be reliable.
Any other suggestions?
We need to know how long ago this was first known to be used too so we know how far back to check.
My guess would be that you have more of an 'ownership' issue versus a 'permission' issue. Your files/directories should be owned by the cpanel user and you should FTP into your site as the cpanel user (or other ftp user setup via cpanel).
But as I said the same problem exists when I log in to cPanel and try there. Incidentally, I am using the same log in with my ftp client as I use to log in to cpanel.
My server is a dedicated server and I have several web sites on it each one being an account with their own specific log in and password. I have no problems with any other software only cs-cart...no problems with other shopping cart software, forum software etc...
Can you create any other filenames in that directory using your filemanager (or ftp)? If your ownerships/permissions are correct there is no reason why you shouldn't be able to create that file with your file manager or ftp.
Since you are a dedicated server, there's a good chance that ownerships have gone awry. The most common occurrence I see is that 'root' ends up owning files or directories that should be owned by the cpanel user.