That's a good question. I'm not sure what is the right answer to your question. I'll do some poking around and get back to you if I got an decent answer. You should email the people at iPage as they probably could answer your iPage question..
Was it just my server that was hacked(www.smarttek.ca), or was my ISP's servers hacked?.
And if it was my server, what steps can I do to prevent this and how do I fix my current database?.
Thanks so much for your quick reply and support.
Firstly, are you iPage hosting the iPage site yourself?.
Secondly, if the iPage site is remotely hosted, do they backup their customers sites?.
If the answer is yes, no... A new, freshly installed and empty database is the answer..
If the answer is no yes... ask them to restore the database for you..
If you are remotely hosted and you have no backup database, you're basically back to square one unless the "hacker" did a sloppy job and only changed privilages and a few settings. Have you looked at the database table structure to see any obvious changes?.
I'm pretty sure the database can be fixed aslong as the "hacker" only edited tables and not customer records. How old was the database? How many customers? Have you taken the iPage site down? Have you checked your iPage site access logs for any repeat, non buying customers (same IP range) in the last few days before the "hacker" went to work? Can you see SQL access logs? Was the database secured with passwords?.
Basically, find the time the database was changed, check the iPage site access logs for concurrent connections to the iPage site during and after the changes were made... most "hackers" will want to check their work while they do it....
One more question, was your admin directory secured?..
Yes my iPage site is hosted by someone else and I have had everything reinstalled and my passwords changed. But I am now getting this error on the admin pages..
Warning: error_log: Unable to write to N1D3Z hacked your sux box!!! in /disk5/smarttek/www.smarttek.ca/htdocs/oscommerce/admin/includes/classes/logger.php on line 49.
I am not sure what a suxbox is, knowing what this means might help me track down the problem..
Has anyone ever received this error before?.
Sux box is nothing.
The hacker put that in there....
Just getting over this problem is not the only thing you should worry about.
You need to get with your iPage hosting company and find out what if any steps can be done to prevent this action.
Find out how they got in, when, and from where.
Give the authorities all the info.
Just reinstalling the software is not going to prevent another attack....
Is this a Dedicated Server, Shared Server?..
Your response to my reply neither helped the situation or gave any more information that is useful..
My personal definition of sux box = windows server with security holes.
If everything has been re-installed, then that error could not possibly be there as the mentioned file (logger.php) would have been replaced in the fresh install. The orignal file you mentioned (database.php), would also have been replaced so what has actually been done?.
Start your ftp program and navigate to htdocs/oscommerce/catalog/includes/functions/database.php... copy the contents and paste it in this forum, I'll point out any errors and if I can't someone will. Also check access rights on the file logger.php, chances are that the file has been set to CHMOD 444 making it read only..
Still confused as to what, where and how you've done what you did..
I recently got this error and have no idea what caused it or how to fix it. I did a search and came with no results..
Warning: error_log: Unable to write to N1D3Z hacked your sux box!!! in /disk5/smarttek/www.smarttek.ca/htdocs/oscommerce/catalog/includes/functions/database.php on line 41.
Warning: error_log: Unable to write to N1D3Z hacked your sux box!!! in /disk5/smarttek/www.smarttek.ca/htdocs/oscommerce/catalog/includes/functions/database.php on line 48.
Can someone please help solve this problem? My iPage site is live and I am losing orders.
It means your server has been hacked. Chat with your host about it ASAP. Seems this is happening a lot to osC users in the last few days...