Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

Hacked Rate Topic   - - - - -

 
  • makstudios
  • Junior Member
  • Members
  • Join Date: 17-Feb 06
  • 8 posts

Posted 02 June 2007 - 08:39 PM #1

Posting your cs-cart website here is a direct invitation to be hacked. Please be careful!
Regards,
Michael A. Karr
MAKstudios Custom Web Design
www.makstudios.com

 
  • SWS
  • Senior Member
  • Members
  • Join Date: 30-Oct 06
  • 798 posts

Posted 02 June 2007 - 11:08 PM #2

perhaps if urls where only in signatures, and signatures where only visible to registered users..

Saying that though, you could say the same about any other system who have "our clients" or showcases etc..

Everything out there is open for attack, it all depends on how paranoid you want to be. Im always getting my server attacked but for a different reason, nothing to do with CS-Cart

I do agree that guests should only get to see some things, Vbulletin is quite good in this respect and allows a lot of flexibilty between usergroups.
[SIZE=3][/SIZE]

 

Posted 03 June 2007 - 12:10 AM #3

Posting your cs-cart website here is a direct invitation to be hacked. Please be careful!


While I'm usually the first to not forward this motion,
my websites don't have any linking whatsoever apart from the cs-cart forums while it was in testing. This means I was targeted simply but my sigs.

I'm not saying you WILL be hacked but then again it's like all brick and mortar stores. It's bound to happen one day. (My webhost has informed me months ago that this was happening routinely)
I've moved on from CS-Cart to WooC******** - If you need anything I can be of little help.

 
  • argentice
  • Senior Member
  • Members
  • Join Date: 11-May 07
  • 383 posts

Posted 03 June 2007 - 09:04 AM #4

I'd say it was less to do with posting on this forum and more to do with finding a query that lists hundreds of CS-Sites sites on google. Hackers will want to hit as many sites as possible and hit them with an automated tool. Looking through each post on this forum is unlikely to be the most efficient way of doing it. However, it may get you listed on Google.
Rob

 

Posted 03 June 2007 - 10:12 AM #5

Looking through each post on this forum is unlikely to be the most efficient way of doing it. However, it may get you listed on Google.


It depends, socially crafting a community site that is potentially full of users just starting out using cs-cart means there's an entire pool to play with.

Simply google "/skins/default_blue" and see how many results you get.
Obviously without mention most of these sites are listed due to inexperienced users creating their own store (no I'm not flaming anyone) and/or not closing directories. I reckon with enough luck it would be possible to 'steal' the entire 1.3.4 Sp2 release by navigating a few sites.

Depending on what you do or don't know you're going to feel the pinch sooner or later.
I've moved on from CS-Cart to WooC******** - If you need anything I can be of little help.

 
  • Zyles
  • Senior Member
  • Members
  • Join Date: 06-Nov 06
  • 596 posts

Posted 03 June 2007 - 11:04 AM #6

If you can't post a site saying "I run this software". The software does not have good security measures.
Marketing tip:

Did you know a targeted e-mail marketing campaign can bring conversion rates up to 3.9%? By using reliable e-mail marketing software you can upsell to existing customers on a tight budget. If you are not using e-mail marketing you are missing out big time. I recommend and use Aweber.

 

Posted 03 June 2007 - 11:08 AM #7

If you can't post a site saying "I run this software". The software does not have good security measures.

I recently became aware with another senior member of CS-Cart in how to possibly DDOS a website via very simple methods.. Zyles usually has his points:mrgreen:
I've moved on from CS-Cart to WooC******** - If you need anything I can be of little help.

 
  • MikeK
  • Senior Member
  • Members
  • Join Date: 26-Apr 06
  • 434 posts

Posted 03 June 2007 - 04:33 PM #8

Ah yes, the ever increasing value of a backup. ;)