31
jdseymour
Re: stopping hackers

Quote:

MikeShane wrote:
I'm afraid it is a XOOPS problem.
The attacks using this i frame injection is on Xoops, joomala, word press and other php driven sites. This means that there is something using php that the weakness is at. Thats why I'm looking for information on how they did it. One of the things id did was diable my protector so it was not accesable. I had a week old back up replacing the infected sites. The attack was only on two 2.3b XOOPS sites and one joomala site on same server. Nothing on html sites or an older XOOPS site that has not been updated yet.


It is the server that handles (interprets) php.

3 things to look at.

1. What user does the (apache) server run as?
2. What user owns the files on the server?
3. What are the file/folder permissions?

Answers should look like this:

1. server runs as a non privileged user (usually as apache).
2. Files and folders should be owned by the non privileged user the server is running as (in the above case apache).
3. Files should be 644 or -rw-r--r-- folders should be 755 drwxr-xr-x .



32
jdseymour
Re: Just looking for a simple module

xhld can be found here:

http://xoops.peak.ne.jp/md/mydownloads/singlefile.php?lid=60&cid=1



33
jdseymour
Re: I'm missing something basic here

Your very welcome. And there are more there. Maybe one day I will get around to updating them.



34
jdseymour
Re: I'm missing something basic here

Hello Watchmanz,

Take a look at these tutorials on my site:
http://www.warpigw2.com/modules/smartsection/category.php?categoryid=4

Even though it is an earlier version of xoops, the method is the same.



35
jdseymour
Re: module uninstallation problem please help

taliessen,

Yes, Backup before any changes. If you are not sure what to do, wait until tomorrow (Saturday), I will be online and can help chat you through it. Live Help will be on after 10 am EDT US on my WebServerMasters site (see the link in my sig).



36
jdseymour
Re: module uninstallation problem please help

server space.



37
jdseymour
Re: module uninstallation problem please help

No. Do you have a control panel with your site? If so you might have it already



38
jdseymour
Re: module uninstallation problem please help

Then the only thing that can be done is manually removing the module tables from the database. Easiest with phpmyadmin.



39
jdseymour
Re: module uninstallation problem please help

You do not need to reinstall, just upload and click on the uninstall icon. (When you click the uninstall icon it goes through a process to remove the database tables for that module.)



40
jdseymour
Re: module uninstallation problem please help

Looks like you just disabled them, then deleted the files from the server. You need to reupload the files and finish the uninstall process - click the folder with the red dot and follow the menu.

If you need to see how see this:

http://www.warpigw2.com/modules/smartsection/item.php?itemid=5




TopTop
« 1 2 3 (4) 5 6 7 ... 330 »



Login

Who's Online

217 user(s) are online (147 user(s) are browsing Support Forums)


Members: 0


Guests: 217


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Mar 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits