Site hacked and settings in payment module changed

  • Posts: 8
  • Thank you received: 0
12 years 10 months ago #33882

Our site was hacked during christmas and our paypal payment module was changed so all payments and order e-mails and payments were passed on to a e-mail address similar to ours.

Anyone else experience this? Are the hackers in this case targeting Hikashop or did they just happen to hack our page?

Is there a security problem and how do we protect our site from this so it doesent happen again?

Please Log in or Create an account to join the conversation.

  • Posts: 82868
  • Thank you received: 13376
  • MODERATOR
12 years 10 months ago #33885

It's not a security issue in HikaShop.
Once a hacker has gained access to your back end, he can do pretty much anything and change your HikaShop configuration.
A hacker can gain access to a website from many ways:
if you use a simple password, it could just figure it out. So make sure that you use a complex one.
he can use a hole in one of the components/modules/plugins/templates of your website or even joomla if it's not up to date. So you should not install extensions which are not widely used and if you don't use one, you should remove it. Finally, you should update joomla and the extensions on your website regularly.
Also, there are security plugins/components that you can use to increase the security of your website:
extensions.joomla.org/extensions/tools/security-tools

Please Log in or Create an account to join the conversation.

  • Posts: 8
  • Thank you received: 0
12 years 10 months ago #33886

Thank you for the quick reply Nicolas,

The password should be hard to figure out and we change them on a regular basis and we don't have many plug-ins installed so my guess it is joomla that we need to update :(

Please Log in or Create an account to join the conversation.

Time to create page: 0.068 seconds
Powered by Kunena Forum