My CS-Cart admin page is telling me (from multiple ip addresses) that ‘you are not allowed to access this area’.
Things to note:
The admin.php has been renamed as suggested (before this started happening).
My ftp account doesn’t seem to be affected.
Shopping cart itself doesn’t seem to be affected. Also, test user logins also work (like a user ordering).
My cPanel login to my hosting site doesn’t seem to be affected.
Never had this happen before, and wondering what to do.
Have I been hacked? Any help?
Thanks in advance!
[quote name=‘hartllc’]My CS-Cart admin page is telling me (from multiple ip addresses) that ‘you are not allowed to access this area’.
Things to note:
The admin.php has been renamed as suggested (before this started happening).
My ftp account doesn’t seem to be affected.
Shopping cart itself doesn’t seem to be affected. Also, test user logins also work (like a user ordering).
My cPanel login to my hosting site doesn’t seem to be affected.
Never had this happen before, and wondering what to do.
Have I been hacked? Any help?
Thanks in advance![/quote]
Your IP has been blocked… somewhere…
[quote name=‘indy0077’]Your IP has been blocked… somewhere…[/QUOTE]
I understand that…
But I’m wondering if it’s from the CS Cart admin system (meaning someone other than myself has been able to get in). I had set this up to only allow my IP address (which I guess, may have changed). And, if this is the case, how to go about resolving.
My cart is still functioning, I’m still getting emails, all other aspects work as expected.
Thanks!
[quote name=‘hartllc’]I understand that…
But I’m wondering if it’s from the CS Cart admin system (meaning someone other than myself has been able to get in). I had set this up to only allow my IP address (which I guess, may have changed). And, if this is the case, how to go about resolving.
My cart is still functioning, I’m still getting emails, all other aspects work as expected.
Thanks![/quote]
Yes, that might be only the CS-Cart admin page. You can unlock it through phpMyAdmin in your database… this could be the table: ‘cscart_access_restriction’… but I’m not sure.
[quote name=‘indy0077’]Yes, that might be only the CS-Cart admin page. You can unlock it through phpMyAdmin in your database… this could be the table: ‘cscart_access_restriction’… but I’m not sure.[/QUOTE]
OK. Fixed it, based on your help! Thank you. All appears well. Yay.
The table ‘cscart_access_restriction’ does have the allowed IP address (or range) stored.
Just had to change that to be the new IP address I was handed by my ISP.
It’s not quite that straightforward, but since this is a security issue, if someone needs step by step details in the future (or finding this from a search). We can go there if needed. I didn’t see quite this problem in my searching, so hopefully this will help someone in the future.
Thank you, much relieved now!
Just a notice. If you don’t have a fix IP from your ISP, then you shouldn’t use the IP restriction, unless you want to make this process always, when your IP would be changed.
[quote name=‘indy0077’]Just a notice. If you don’t have a fix IP from your ISP, then you shouldn’t use the IP restriction, unless you want to make this process always, when your IP would be changed.[/QUOTE]
Understand that. My IP address hadn’t changed in 4 years (even though it’s DHCP).
I guess it did yesterday as I made a change to my ISP services, and they rebooted my router remotely. Didn’t even think of it affecting this (like I should have in advance).
With that low of a probability, and the probability of the other bad stuff happening more…I can deal with it now that I’ve had to.
Thanks for the help, it did teach me something I needed.