| Author |
Message |
nextgen
Joined: Feb 09, 2007
Posts: 23
Location: Maryland
|
 Posted:
Sun Mar 01, 2009 9:07 pm |
|
I had the DS running with my site for a while till i changed domain. I installed the Shop within the latest ravennuke release and in less then 24 hours my shop was destroyed. I had to reupload all files and will have to reinstall because now i cannot even create a new category. Is the Shop a secure add on ? I am terribly worried now to even put in my paypal info etc because of the occurance. Any ideas on how to beef up the security. It was hit atleast 7 times by the emails i recieved on the hits. |
| |
|
|
|
gotcha
Site Admin
Joined: Oct 25, 2004
Posts: 921
|
| Posted:
Tue Mar 03, 2009 2:04 pm |
|
Were you using the 2.30.0 release? There were some security fixes released recently and it is possible they got in through those. As far as the shop's security, it is very secure when used correctly. If your on a shared host, someone could easily access(if the host hasn't taken the necessary steps to protect against this type of thing) your config files with the database info and mess any table up. Also, I don't think you would have to worry about putting your paypal info in the shop because its just an email address. As long as you don't use the same password for everything, they can't get into your account.
Do you have your access logs from that day? Also, what was in the emails? |
| |
|
|
|
floppy
Joined: Nov 29, 2006
Posts: 85
Location: Jackson, Mississippi
|
| Posted:
Tue Mar 03, 2009 8:57 pm |
|
Just chiming in where I feel it. I think shop is very secure. If you had a security issue, I am hard pressed to believe the hole was purely shop. I would love to see those logs also.. |
| |
|
|
|
|
|
NukeCoder
