Mid May 2009, an unusual hit to my site caused me to check out my error logs for my site. I discovered some logs which suggested that some files had mysteriously appeared (ie. a hacker uploaded them) to my site. Further investigation revealed these files to be uploaded early May 2009 and that they were causing another set of errors to appear, showing someone trying to access a file in my Cubecart (an out-of-the-box program used for shopping online) software. The logs further suggested that the access was attempting some unusual and unsafe activity; ie. hacking.

Concerned, I contacted the Cubecart programmers, as well as my web host and user-to-user forums. No one could specifically explain to me what the files/logs showed, but CC programmers did inform me that this was a ‘cross site vulnerability’ (info on what that is can be found here) and that this issue was recently discovered and a patch provided for in the latest CC version. I had recently upgraded to this very version before this hacking problem occured. 

Due to the nature of the attack, and my better-safe-than-sorry approach to shopping online, I chose to shut down the CC section of my site immediately and warn previous customers that their information may have been stolen (I did not and do not store credit card info). This all occured despite my use of SSL certificates and encryption of data, password protected sensitive areas, correct permissions on folders and files, and so forth.

Having spent a year wrangling with CC, and having problems from both the customer’s POV and mine, I decided to stop throwing good money away and try a different shopping experience altogether. I’m particularly frustrated at spending what has amounted to more than $700 on a shopping cart program that has not only not worked, but not been secure.

In the meantime, I have decided to avoid running a shopping cart system altogether - too much hassle reinventing the wheel, and locks to go with it - so I will be selling online using sites like Etsy.com, and Amazon or Lulu for my patterns. You will still however be able to browse my products online right here at my site; just the buying part will be done elsewhere.

I sincerely apologise to anyone who is inconvenienced by this change, I assure you it has only been done to ensure easier, faster and more secure shopping at Puppets in Melbourne.

If you received a coupon from me in the past: with the new system, there is no way of automatically using the coupons. Please contact me and I will manually update your order/s if you choose to use them.