Jump to content

gabrieluk's Content

There have been 73 items by gabrieluk (Search limited from 24-Jan 19)



Sort by                Order  

#66219 remove mod "reward points"

Posted by gabrieluk on 06 January 2010 - 01:20 AM in General Questions

I have to.My host provider confirmed that "reward points" is the only one in the NIST NVD.So they want i remove it URGENT.You know how to do it?should i just delete the folder?



#66212 remove mod "reward points"

Posted by gabrieluk on 06 January 2010 - 01:03 AM in General Questions

Hi,
i need to know how to remove this mod from my site.Please this is urgent.I'm using Sp4.
Thanks in advance



#66202 Security warning CS-Cart version 1.3.5-SP4

Posted by gabrieluk on 06 January 2010 - 12:17 AM in Web Hosting

Spiral,

No offence dude, but still nothing from you so, I will just ignore any result of your security scanning and hundreds of words regarding 1.3.5 SP4.

Make some effort and read your lines below and stop changing words to make things softer. Empty statements...

What you just described is the automatic default alert message generated from one of my own security scanning applications...

Incidentally, CS-Cart 1.3.5-SP4 is one that does indeed have a number of unresolved security vulnerabilities ...

...upgrading would be a good move

I have personally witnessed, at different web hosts, over 50 sites hijacked and all used as spam servers for no other reason than they each were running CS-Cart 1.3.5-SP4 ...

Another 27, also running the same version, got their customer credit card data or other information stolen as well by injected code modifications...

and there is a URL reference in the major public security advisory databases...
I have personally seen a large number of sites on CS 1.3.5 SP4 hacked...

YES, 1.3.5 SP4 does indeed have some very major security problems ...

1.3.5 sp4 in and of itself but you will need to make a number of modifications to deal with several poorly written code areas that are now being activity exploited heavily ...

I have observed how this has been exploited has either to be utilize the CS-Cart program as a spam distribution relays...

I have also located all the areas of code that are currently being exploited by hackers ...


I saw Elvis...

Spiral could be a good politic,SPIRAL FOR PRESIDENT!!!!!!!(he knows how to adapt sentences...)HURAYYYYYYYY!!!!!!!!!!!!!!!!!!
(sorry guys ,the pressure is getting into my nerves....let's break the ice...)
:mad: :( :) :D



#66115 Security warning CS-Cart version 1.3.5-SP4

Posted by gabrieluk on 05 January 2010 - 12:54 PM in Web Hosting

Hello,





Is there someone here, in CS-Cart community, who heared / seen, or can testify or affirm any attempt (or the increasing) of hacking?

An user of CS-Cart?

An official of a hosting company?

An official support technician of CS-Cart?



Lee Li Pop


HI Pop's,
I think that Spiral is the person that knows what is going on.He is an expert in security,AND HE KNOWS,the vulnerabilities.I was looking his threads and you can see that he has knowledge.I think the point here is how to produce this patch to cover vulnerabilities as soon as we can!!!!OTHERWISE i think i will be forced from my host to REMOVE cs cart or update it,as i'm putting the security of my whole server at risk,using SP4.as i DON'T WANT TO UPGRADE(as others,i belive) the solution will be only one.change ecommerce software(thing that i don't want to do either,as i love Cs cart)



#66082 Security warning CS-Cart version 1.3.5-SP4

Posted by gabrieluk on 05 January 2010 - 02:12 AM in Web Hosting

hello,
i was so curious to understand the relation of this vulnerabilities with the hosting provider,that i wrote a thread in the forums of my provider.For a reason of privacy i wont reveal the name of my host
"my host" vs CyberLNC
hi there,
i have an ecommerce software in my account,Cs Cart.I use an older version of the software,as it is the best version.Some concerns about security have been risen in CS forums.They said CyberLNC is a very good host provider,wich has it's own security measures,so the host itself blocks the lack of security from the software.My question is if "my host" is at the same level of security as CyberLNC.
I went to their website and i found this:
* Highly Secure RedHat Linux Servers
* Hardware Firewalls
* Cisco Guard DDOS Protection
* Tipping Point IPS/IDS Protection
* Multiple Internet Backbone Connections
* Gigabit Speeds from Server to Internet
* Geographically Redundant DNS
* Multiple Client Backup Solutions


ANSWER:
"Going by the information on the website, yes. Software/script wise we run a highly tweaked installation of mod_security across all of our shared servers. This blocks out a large number of attacks but obviously, not all. If there was such a solution exploited scripts would be a thing of the past.

Running out of date/vulnerable scripts on a shared web server is not acceptable. You are putting every other customer on that server at risk. If you site is exploited it could be used to attack other servers, host phishing pages, send huge volumes of spam email etc. The result would likely be poor peformance or downtime for other users on the server."

"It is also worth noting that cyberlnc use Softlayer as their provider. This means all of the servers, hardware firewall, DoS mitigation devices etc are not actually owned, managed or directly accessible by them"



#66012 Security warning CS-Cart version 1.3.5-SP4

Posted by gabrieluk on 04 January 2010 - 11:09 AM in Web Hosting

Spiral, you have made the above statement with nothing to back up your claim that CS 1.3.5 sp4 has a "number of unresolved security vulnerabilities". Please help us out. What are these security issues so I can work to get them resolved? I'm sure others in the community would love to know what they are too. This way we can all work to get them resolved.

I am sorry to say that at this point I just am not convinced that CS 2.? is the answer...at least quite yet. I hope to try out 2.11 soon on a new site, but still will not try it on one of our traffic sites yet. So basically, I plan to keep 1.3.5 sp4 until at least 2011 on a couple of our sites. I have already invested quite a bit in our current sites and do not want to blow that all out of the water for a version that seems to be on continuous "beta" test. So if there are security issues I want to work to get them resolved.

Amen:rolleyes:



#65986 Security warning CS-Cart version 1.3.5-SP4

Posted by gabrieluk on 03 January 2010 - 11:39 PM in Web Hosting

regardless if you use it, the addon should be removed ;)

Please can anyone point the right way to get rid of this addon?
Thanks in advance



#65821 We do not want 2.0.10...

Posted by gabrieluk on 02 January 2010 - 12:07 AM in General Questions

YEP! We will stay put with 1.3.5 sp4 until 2 has all the "bugs" worked out. The problem is CS keeps coming out with so many changes that they appear to never fix bugs from previous releases. I had considered upgrading the first quarter of next year, but I'm just not sold on CS2 being ready for rookies like myself to battle through it.

Hi Clips,
I agree with you.Is best to have an older version of software ,but that actually works,no fancy java,smarties...blablabla.Windows XP is a good example of an stable,older software.
I would like to share with you the only concern i have about 1.3.5 sp4:SECURITY.Are you in to it?Because i'm not.I think the only danger of using SP4 is vulnerabilities.Please let me know what u are doing in your shop about SECURITY.Also,i would like to propose to CS to call ALL 2.0 versions as BETA(testing in progress),and the other would be give REAL VALUE for the golden piece of code that sp4 IS.Please create a list with all the security fixes for this version,as it is the only one that actually works flaweslly.



#65576 site hacked

Posted by gabrieluk on 30 December 2009 - 01:37 AM in v1.x Security

I run my site in the -------- servers,using 644 for files and 755 for all folders...I just downloaded Security Update CS-20080901from the files section in the help desk,and i read all the forums regarding security.One post that called my attention was http://forum.cs-cart...ead.php?t=14197
apart that,i couldn't see any other major vulnerability...Am I wrong CS experts?(even because i know many cs customers are using sp4)And if i would consider the rewriting proposed and extra security layer,how much it would cost ?and it would be enough to cover major vulnerabilities?



#65573 site hacked

Posted by gabrieluk on 30 December 2009 - 12:09 AM in v1.x Security

hi,
i have a cs cart that was hacked.i found a strange folder in cpanel file manager.I would like to know if there's any exploits for the version 1.3.5 sp4 that i should manually fix.`thanks for any help,as i have to put the shop back on again but i'm concerned.
thanks



#65471 patches?

Posted by gabrieluk on 29 December 2009 - 02:43 AM in General Questions

hi there,i would like to know if for the fact i'm using sp4 should i be concerned with security.i'm running joomla and cs in the same domain,so i need to know if i have to aplly any patches for cs cart,or any recommendation is welcome.



#65427 product description optimization

Posted by gabrieluk on 28 December 2009 - 06:49 PM in SEO

thanks for the info,i think the products i want to optmize are ok for the market.I just need to know if the "product title is already an h1" and if i insert anchor text inside the product description,it will count towards s.e.o;)



#65426 javascript in categories menu vs seo

Posted by gabrieluk on 28 December 2009 - 06:14 PM in SEO

hi,
so you mean that the homepage is NOT SENDING any links to those cat in the menu???



#65338 javascript in categories menu vs seo

Posted by gabrieluk on 27 December 2009 - 05:26 PM in SEO

hi,
i notice that the menu for the categories on the left uses java.i would like to know what this represents for spiders.



#65337 product description optimization

Posted by gabrieluk on 27 December 2009 - 05:18 PM in SEO

hi,
i'm optimizing few pages to rank better in Google.I would like some advice regarding on page optimization in the product description.Is the product description behaves as the "body of the page"?so that means i can optimize product descriptions as i was optimizing an html page?
i heard that product title is already a h1.is that true?



#65061 S.e.o/S.e.f/ And long tail keywords(phrases)

Posted by gabrieluk on 23 December 2009 - 03:27 PM in SEO

hi Roban,
thanks for the tips.I have a little plan in my mind,so i will tell you briefly,and let's see what you think about it.
the site i want to optimize is composed of 19 categories,wich contains multiple products.I've been in other forums,especific for seo,and they told me that it's really hard to optimize a site that is composed of many different products.So my idea is to develop the site optimization based in only 5 categories.
the idea for on page optimization:

1.study this 5 products keywords,looking for long tail keywords.eg "buy the best red widgets uk","cheap blue widget uk","purchase yellow widget london".

2.optimize home page for this 5 products with few phrases

3.insert this phrases in the title tag of the respective products and categories

4.insert those phrases in the meta description and inside product page description

about internal link biulding

5.create anchor text with this keyword phrases,and insert in the product descriptions of ALL the other products that are NOT INCLUDED in the optimization

what you think?:rolleyes:



#65049 S.e.o/S.e.f/ And long tail keywords(phrases)

Posted by gabrieluk on 23 December 2009 - 12:29 PM in SEO

Hi,
I'm optimizing a cs cart store for the search engines.I've been reading the forums of Cs community and i found that the main issue is SEF.Everyone talks about SEF as it was SEO.Look,i'm not the s.e.o guru,but with my studies in the topic,what i found,is that the most important for s.e.o is to find right long tail keywords(phrases) and internal and external link building.
So i would like to have some advice regarding this side of s.e.o,not including s.e.f ,that best suits CS cart.



#64936 Number of Keywords?

Posted by gabrieluk on 22 December 2009 - 01:07 PM in SEO

7. SE take care on H1 tags too as very important. Each title in CS Cart is "H1".


Hy Indy,
When you say each title you refer to the "page title"?So,if i use a "h1" inside the product description,with a specific keyword phrase is bad?i will have duplicated "h1"?So should i apply "h2" inside the products description?
best regards,
Gabriel



#64133 site not loading

Posted by gabrieluk on 13 December 2009 - 11:01 PM in General Questions

i think is just a problem with my connection,someone told me that
Tel/WiFi tends to get cached at the gateway, so it could be the connection or the gateway or both........
i'm using a three mobile 3g usb stick pay as you go



#64026 site not loading

Posted by gabrieluk on 12 December 2009 - 01:13 PM in General Questions

You notice the same issue in your website?



#63977 site not loading

Posted by gabrieluk on 12 December 2009 - 01:42 AM in General Questions

now is loading...i realize that i observed this before,it looks like it comes and goes...maybe a server problem?any clues that could cause this "loading problem" combined with not loading the live help ?



#63972 site not loading

Posted by gabrieluk on 12 December 2009 - 01:20 AM in General Questions

hi there,
the site was working fine,till something happen.I don't know why ,the site doesn't fully load,and the image of the live help is not loading as well.
link to the issue
www.funky-sheila.co.uk/shop



#62084 CSS error

Posted by gabrieluk on 25 November 2009 - 02:33 PM in General Questions

This is really strange.....I attached a copy of the error i get on screen.And i notice that this error ocurrs only when i open site in the Public Library nearby my house.I don't know why this can happen because is a CSS error and the only difference between connecting at my home and in the Public Library ,is that the connection from the library uses a manual proxy server to connect...what a CSS ERROR HAS TO DO WITH PROXY SERVER?Mistery....:oops:

Attached Thumbnails

  • errorcss.jpg