Zen Cart & Siteground Users Beware – Hack
I manage several Zen Cart shopping cart systems on a Siteground hosting platform and was greatly shocked to find that I had been hacked! It was pure chance/luck that I happened to be browsing the sites using Firefox with the user agent set to Googlebot. To my astonishment, the home pages of the sites had become a link directory to Viagra-style spam sites, with over 100 links straight from the website home pages! After a little digging I discovered that in the admin, under Tools -> Define Pages Editor -> define main page, the following code had been inserted at the top:

Zen Cart Main Page Hack Code
I have no idea how it got there, but the worst part is that if you are using a browser, you will never even know you got hacked unless you check directly in the admin or set your user agent to Googlebot. This way you are unknowingly passing PageRank to all the spam sites, and you will never be the wiser while your rankings begin to plunge. My suggestion to all who read this: check your define pages code and your .htaccess files for hacks, and make sure that no strange keywords are suddenly appearing within the keywords section of Google Webmaster Tools.
I hope this helps and good luck!
To all you hackers/black hat SEO people out there that use this type of methodology for links…why not stop doing things the cheap way and you may actually achieve some degree of success that won’t eventually bite back.
Additional Information
Places to check to see if your Zen Cart has been hacked:
Login to your admin and check the following sections.
- Tools >> Define Pages Editor
- Configuration >> My Store
You should also check your footer file to make sure that it has not been hacked. If you see SPAM links within your footer, they are most likely caused by the code within the My Store section or code within the footer file.
Zen Cart Root >> Includes >> Templates >> YOUR_TEMPLATE (template default if not modified) >> common >> tpl_footer.php
If you see SPAM links within the body then they are most likely caused by the hack within the Define Pages section of Zen Cart.
For more information on how to detect if your site has been hacked see the Google Webmaster Guidelines.
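The hack described above only shows its spam links when the user agent is Googlebot, so one check is to request the same page under both user agents and compare the external hosts each copy links to. The script below is an added example, not part of the original post; the function names, the sample URL and the sample HTML are constructed for illustration.

```python
import urllib.request
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

BROWSER_UA = "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0"
GOOGLEBOT_UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"

class _LinkCollector(HTMLParser):
    """Collects the href of every <a> tag."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href") if tag == "a" else None
        if href:
            self.hrefs.append(href)

def external_hosts(html, page_url):
    """Return the set of hostnames, other than the page's own, linked from html."""
    own = urlparse(page_url).hostname
    collector = _LinkCollector()
    collector.feed(html)
    hosts = set()
    for href in collector.hrefs:
        host = urlparse(urljoin(page_url, href)).hostname  # resolves relative links
        if host and host != own:
            hosts.add(host)
    return hosts

def cloaked_hosts(browser_html, bot_html, page_url):
    """Hosts linked only in the copy served to the crawler user agent."""
    return external_hosts(bot_html, page_url) - external_hosts(browser_html, page_url)

def fetch(url, user_agent):
    req = urllib.request.Request(url, headers={"User-Agent": user_agent})
    with urllib.request.urlopen(req, timeout=15) as resp:
        return resp.read().decode("utf-8", errors="replace")

def check_site(url):
    """Fetch url as a browser and as Googlebot; return hosts only the bot copy links to."""
    return cloaked_hosts(fetch(url, BROWSER_UA), fetch(url, GOOGLEBOT_UA), url)

# Constructed sample responses (not captured from a real site).
SAMPLE_URL = "https://shop.example/"
SAMPLE_BROWSER = ('<a href="/index.php?main_page=login">Log in</a>'
                  '<a href="https://payments.example/">Pay</a>')
SAMPLE_BOT = SAMPLE_BROWSER + ('<a href="http://pills.example/a">x</a>'
                               '<a href="http://PILLS.example/b">y</a>'
                               '<a href="http://meds.example/">z</a>')

if __name__ == "__main__":
    print(sorted(cloaked_hosts(SAMPLE_BROWSER, SAMPLE_BOT, SAMPLE_URL)))
```

Run `check_site()` against your own store's home page and category pages; any host it returns appears only in the copy served to the Googlebot user agent and should be traced back to the admin sections and files listed above.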

August 13th, 2009
My Zen cart got hacked and my daughter fixed the admin panel but I noticed that 2 of my categories had also been hacked with spam under the description. Are there any other places that I should be looking?
August 13th, 2009
You should also check your tpl_footer.php file under common templates and your email templates. Please feel free to add any other locations that you can discover.
August 20th, 2009
My Zen Cart was not yet live and it was hacked in the same way. My rankings dropped; now I have a bunch of links that look like this:
/map.php/?pmccv=42
/map.php/?pmccv=17
/map.php/?pmccv=34
Each one has several links to other Zen Cart sites around the world.
How can I get rid of all these links and improve my rankings with Google?
D
August 20th, 2009
Hi Doug,
To answer your questions I would need a little more information.
1. How long and how well has your site been ranking and in which search engine? I assume you mean Google.
2. What is the URL of your site as I cannot determine how to get rid of the links if I do not know where they are.
I am happy to help once you provide the information.
August 31st, 2009
Hi, my site seems to have been hacked as well and it's an up-to-date version of Zen Cart according to the admin… My store name was changed to something containing HTML at the end of the store name. It stopped visitors to my site from being able to register.
Cheers for the post, will check those other places now and see if the bad code is anywhere else!
September 11th, 2009
Hi, thanks for this info. I think my site may have been hacked, but wasn't sure where to check for the links. Thanks again.
November 30th, 2009
I have to say I concur with most of what is being stated here. I’m gonna have to snatch the RSS so I can keep tabs on what is going on here.