skip to Main Content

i m using magento 1.9.0.1 and there is a section in

admin area >> system >> Configuration >> General > Design > Miscellaneous Scripts

is there any way i can disable this area so no one can add any script to it, not sure but i tried changed

FTP Login
Cpanel Login
Database Login
Admin Login

And all possible areas and scanned the site as well and found no malware but still, someone adds the following script into

Miscellaneous Scripts

Of my website. here is the script

<script type="text/javascript">
function getValue()
{
document.getElementById("headlineatas").style.display = 'none';
}
</script>
<div id="headlineatas">
<div id="topbar">
</div>
<div id="adsground">
<p align="left"><h3></h3></p>
<script type="text/javascript">
$(document).ready(function(){
$('div#b_icon1').hide();
$('div#b_icon2').hide();
$('div#b_icon3').hide();
$("div#h_icon1").mouseover(function() {
$('div#h_icon1').hide();
$('div#b_icon1').show();
});
$("div#h_icon2").mouseover(function() {
$('div#h_icon2').hide();
$('div#b_icon2').show();
});
$("div#h_icon3").mouseover(function() {
$('div#h_icon3').hide();
$('div#b_icon3').show();
});
$('#bannerfloat03').html('');
});
});
</script>
<div style="left: 400px; top: 300px; width: 338px; height: 280px; position: absolute" id="bannerfloatADS">
<script type="text/javascript">
google_ad_client = "ca-pub-8327339447162748";
google_ad_slot = "4629045516";
google_ad_width = 336;
google_ad_height = 280;
</script>
<!-- opoi -->
<script type="text/javascript"
src="//pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
<div style="left: 260px; top: 11px; width: 110px; height: 0px; position:     absolute" id="h_icon2"><img alt="" src="http://www.icone-png.com/png/22/21536.png" /></div>

It ads google ads on my homepage script as popup, i do remove it from admin but it came back again and again after few hours of removal. Any suggestion on it to stop ?

2

Answers


  1. If you are refering like limit access to someone, try by adding a new role, and user assigned to those roles.
    System->Permission->Roles
    System->Permission->Users

    I strongly would suggest apply all the patches available in order to keep your store secure. If you still are in the 1.9.0.1 version, you are missing a lot of security patches.

    Login or Signup to reply.
  2. Yes. I would recommend to apply patches. For this specific issue. Somebody had brute forced your site and have access to your site admin and password. try to change the password to a difficult one and delete the misc script. If it worked. try to change all credentials for the site

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search