Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

mail_open
Check your Cpanel logs for 198.136.25.82
Steve Froggatt
Member
June 14, 2015 - 2:49 pm
Member Since: May 2, 2014
Forum Posts: 514
sp_UserOfflineSmall Offline

My site ahas been well and truly hacked and appears to have come from this address 198.136.25.82 Might be worth checking your logs for it, however if it is there it may well be too late, it may well be worth banning it from cpanel

Steve

Avatar
Matthew Ogborne

Founder
June 15, 2015 - 4:23 am
Member Since: July 18, 2013
Forum Posts: 4565
sp_UserOfflineSmall Offline

Howdy Steve,

Well that sucks nuts.

Daft question, do you have a previous backup you can use to pull the site back up with?

Matt

"Selling an item online is easy, but making living from a business that sells online, well that’s something different entirely!"

Ultimo Magento Theme

Steve Froggatt
Member
June 15, 2015 - 7:09 am
Member Since: May 2, 2014
Forum Posts: 514
sp_UserOfflineSmall Offline

Yes we had to go back to the 5th. It’s all simple servers had. It appears that whoever did it also managed to stop R1 backup working. Not only that they also ended all of my eBay listing. Not sure why they didn’t end my Amazon ones

What is more frustrating is not knowing how they got in. I now need to hunt down some backup software that will back the database up every day and automatically ftp it to me.

Steve

Avatar
catgirl
Member
June 15, 2015 - 12:13 pm
Member Since: March 23, 2014
Forum Posts: 227
sp_UserOfflineSmall Offline

Hi Steve,

I feel your pain, the same thing happened to us earlier this year :-(

Don’t forget to also run a full system scan on your PC just in case.

Sam.

Avatar
Dave Furness

Founder
June 15, 2015 - 12:53 pm
Member Since: July 19, 2013
Forum Posts: 4606
sp_UserOfflineSmall Offline

So sorry to hear this Steve!

It’s such a shame people go out of their way to ruin things that others work so hard for!

Please keep us updated and if there is anything you think we can help with, just ask.

Dave

Every expert was once a beginner

SimonY
Member
June 15, 2015 - 4:07 pm
Member Since: May 15, 2014
Forum Posts: 235
sp_UserOfflineSmall Offline

Sad news.

I recently found someone testing my site using the shoplift bug tester at http://shoplift.byte.nl/ I guess there’s only one reason someone would be using that on my site.

Probably worthy of a decent conversation on the weekly webinar.

Avatar
Dave Furness

Founder
June 15, 2015 - 11:04 pm
Member Since: July 19, 2013
Forum Posts: 4606
sp_UserOfflineSmall Offline

Hi Simon & Steve,

I have added the IP and the Shoplift Big to the AOB section of tomorrows slide deck so we can discuss this a little further in person.

Hope to see you both there.

Dave

Every expert was once a beginner

Steve Froggatt
Member
June 15, 2015 - 11:11 pm
Member Since: May 2, 2014
Forum Posts: 514
sp_UserOfflineSmall Offline

What’s happening tomorrow?

Avatar
Dave Furness

Founder
June 15, 2015 - 11:16 pm
Member Since: July 19, 2013
Forum Posts: 4606
sp_UserOfflineSmall Offline

Tomorrow we are talking Flubit and will be joined by Andy Stephen who is there Head of Merchant Relations

Every expert was once a beginner

Steve Froggatt
Member
June 15, 2015 - 11:24 pm
Member Since: May 2, 2014
Forum Posts: 514
sp_UserOfflineSmall Offline

What time when and link? I haven’t been getting any notifications for months if it’s the coffee mornings you are refereeing to.

Steve

Avatar
Dave Furness

Founder
June 15, 2015 - 11:26 pm
Member Since: July 19, 2013
Forum Posts: 4606
sp_UserOfflineSmall Offline

Hey Steve,

How weird! Yea they are 3pm Tuesday Afternoons, the link to join is here: https://attendee.gotowebinar.com/register/8722534959079465474

Hope to see you there

Dave

Every expert was once a beginner

Tim Riley
Member
June 16, 2015 - 1:10 pm
Member Since: April 5, 2014
Forum Posts: 163
sp_UserOfflineSmall Offline

Hi Steve

Sorry to hear about your troubles, hope you can get it sorted soon.

Can anyone point me in the right direction to check for 198.136.25.82 in cpanel?

Cheers
Tim

Avatar
Jim @ Moogento
Global

Partner
August 4, 2015 - 7:54 am
Member Since: November 7, 2013
Forum Posts: 688
sp_UserOfflineSmall Offline

Quick add-on – if you’re running your own VPS/dedicated, a good tool to setup on your server is fail2ban. This will auto-block IP access, and can be setup for multiple attack angles. Default is to check SSH access queries. First time I turned mine on it blocked 30,000 IPs in about 10 minutes…

  • pickPack - smarter Magento packing sheets and warehouse picklists
  • shipEasy - process multiple orders with no sweat & get a visual sales overview easily

Avatar
Jim @ Moogento
Global

Partner
September 29, 2015 - 1:39 am
Member Since: November 7, 2013
Forum Posts: 688
sp_UserOfflineSmall Offline

Addon to this thread, a buddy had 3 of his Magento installs hacked 2 weeks ago, and all backups deleted (they were on the same server). Good point to remind everyone – make an off-site backup.

  • pickPack - smarter Magento packing sheets and warehouse picklists
  • shipEasy - process multiple orders with no sweat & get a visual sales overview easily

 

Why Should You Join UnderstandingE?

 
  • Access to over 500 step-by-step video tutorials
  • +20 video courses available
  • Magento, M2E Pro, Magmi, eBay, Amazon & Design all covered
  • Everything is in 100% Plain English
  • Learn how to build your own multi-channel software for eBay & Amazon
  • Access to the community forums, meet fellow business owners like yourself

Join Now with 2 Clicks

 

Join now for less that £1 per day you can gain access to over 400 step-by-step video tutorials & learn how to build your very own multi-channel software.

 

Forum Timezone: Europe/London

Most Users Ever Online: 1012

Currently Online:
27 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

Jim @ Moogento: 688

Steve Froggatt: 514

Badeth - UE: 513

Jimbob: 453

Paul Cartwright: 414

Forum Stats:

Groups: 6

Forums: 37

Topics: 5223

Posts: 27502

Administrators: Matthew Ogborne: 4565, Dave Furness: 4606