
Thread: Security Issues..still?

  1. #1
    adiwillow
    Guest


    Security Issues..still?

    Hi all,

    We're still having problems with spamming via our OSCmax sites. I've done the security issues as far as I'm aware, or perhaps they were done already in my version? There are loads of '// EOF: MS2 update 501112-Added ' comments in general.php etc., so I'm assuming they're done.

    Anyway, we're STILL getting blocks for email flooding on our OSC accounts..

    Are there any security issues which have been overlooked? Is it possible that the Admin levels contrib is being exploited and emails are being sent from the admin panel?

    I really need to sort this.. has anyone any pointers, or can anyone confirm if the 501112 security updates really are secure?

    Thanks

  2. #2
    jpf
    Guest


    RE: Security Issues..still?

    Are you asking about the "Contact us" part? Or are you just getting a lot of SPAM in your inbox?

    Things to do:
    - Change your email address. ONLY use a certain email box for your automated MAX mailing to yourself.

    - Use a different box for emails going out to users, i.e. an "Automated email - do not reply - as you don't check this mailbox" type of mailbox.

    - Secure your ADMIN and SQL password (change both passwords)

    - Move the ADMIN to another DIR.... i.e.: /catalog/secret_dir/that_is/hard_to_guess/admin..... (remember to bookmark it!)

    - Remove the contact us screen. Or add a human confirmation code.

  4. #4
    kenlyle
    Guest


    RE: Security Issues..still?

    I just ran a ScanAlert scan on my OSCMax domain, and they said:

    "
    WebApp Cross Site Scripting

    The remote web application appears to be vulnerable to cross site scripting (XSS).
    "
    This was only two days ago...
    ...but they also misidentified the application as CubeCart - I am working with them...If I forget to post back within a week, somebody nudge me by PM.

    Thanks,
    K
