Zen Cart Site Hacked

If you use a software platform such as ZenCart to build your e-commerce web site with, it is very important to stay up to date with Zen versions and security patches.

That's all very well said... but if you are reading this then chances are your Zen Cart site has just been hacked!, and you are looking for some support to get it up and running again.

What can be done?

First of all you need to get the site working again, and/or plug the vulnerability that was taken advantage of by the hacker! Then you will need to consider taking additional steps to secure your Zen Cart store does not get hacked again.

We at Amplify, provide Zen Cart upgrades and security consulting for ZenCart store owners, if you would like us to assess your site, restore it from a hack or help tighten up security around your ZenCart install then please contact us today for a quotation.

Here is a bit of free advice:

Report the Zen Cart Hack your Web Hosting Company

Your Web Hosting company should be able to provide more information about the hackers and how your zencart site was explioited by the hackers. It is also important to inform them so they can put measures in place if the server is seeing unusual traffic and attempts to bring the server down. There may be other ZenCart websites on the server, or web sites that have also been affected by the hackers.

Check your files for changes

Most Zen Cart websites do not contain an index.html page, if your site has this then check it out and either rename or delete this (saving some form of copy first in case it can help to provide further hacking information). Go through your fileset and compare files against a backup copy you have (now's not a happy time if you don't have one!) Ask your web host if they keep backups of the site and make sure you take the time to go through the files carefully. It's not a pretty job and can take time, but it may save you the embarrassment of it happening all again if there is a leakhole in your code or functions.

Upgrade files and Zen Cart versions

One of the most important, but yet often overlooked functions is to stay up to date. If the developers of ZenCart recognise that there is an issue with the code, then there really is! And for a few pounds spent now... could save you a whole headache later on!

Change all Logins and Check Email Actions

It is good practice anyhow, but if hackers have accessed your Zen database then they will probably have a list of your admin user data, and possibly customer data! Make sure that you delete any Admin users not being utilized, and change all logins right away.

Backup Regularly

It cant be said enough.... Make sure you take a copy of your main site directory and especially your databases. A bit of effort now could be the diffence between your business surviving or going under after a hacked website with no backups available.

Consider a Security Consultant to help you

People regularly ask us here at Amplify for security consultancy work and zencart advice after their zen site been hacked! We provide them with a costing, and for many enquiries... often never hear back again!
Some ZenCart users tend to think that because the software is free, everyone should work for $20 to do a days work upgrading their files and checking against backups. It is not the case and I make no apologies in saying we are good at what we do and charge for our time accordingly. We can help secure your Zen Cart with additional steps and measures not mentioned above and get your business on track again. It can take time, depending on the damage done and state of your build, so make sure whoever looks at your site does a proper reccie first and takes a copy of the hacked files and database. This info can help when trying to find the vulnerability.

It is much easier to stay up to date, put measures in place that stop you getting hacked, than it is dealing with the mess that can be left after an exploit on what is usually a primary tool for your business.