Kirby,
I'm glad your host found the issue. It would be helpful to know exactly
what they found so that those who did visit the site would know the
potential malware they might now have on their computer.
I noticed Paul reported an error message which identified a php shopping
cart called wp-e-commerce. Apparently that is a free shopping cart.
You might want to check with the cart developers to make sure it is PCI
compliant. There are a huge number of php programmers in the world and
some of them spend their time looking for ways to break into shopping
cart systems. It is essential that you maintain the very latest version
of the shopping cart to minimize the chance of being exploited. Most
shopping cart systems have been found to be vulnerable and they usually
respond by updating their software. Search Google for this:
wp-e-commerce vulnerable
You will see there are recent reports of cross scripting vulnerability.
You'll need to check with the cart vendor to get the updates to fix
that. I don't know if that cart system has an automatic notification
when updates are available. Most have a popup in your administration
screen that notify you that updates are available. If they don't or if
they are not PCI and PA-DSS compliant you might want to shop around for
another cart system.
--
Bill Weiland - Emporium Plus http://www.emporiumplus.com/SFNT.html
Facebook http://www.facebook.com/EmporiumPlus
Twitter http://twitter.com/emporiumplus
|
Visit the MoPo Mailing List Web Site at www.filmfan.com
___________________________________________________________________
How to UNSUBSCRIBE from the MoPo Mailing List
Send a message addressed to: [email protected]
In the BODY of your message type: SIGNOFF MOPO-L
The author of this message is solely responsible for its content.
