Sanjoy Roy

[MCM, MCP, SCJP] – Senior PHP Programmer

My site is hacked what to do?


If you are running store using creloaded 6.2 try to find the following signatures from your PHP scripts:

base64_decode
ob_start_flush
try_pick_colors
engines110
CoreLibrariesHandler

Mostly they are injected at the top of each files <?php //// ?>
Check the .htaccess file
Remove all uploaded .php script from /images/ directory.
Apply the patch.
https://www.creloaded.com/fdm_file_detail.php?file_id=191 (You need to register and login to creloaded site before you can download)
Change the /admin/ directory name.
Put a .htaccess password to /admin/ directory

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: