Quote:

Ya know, I didn't realize this.... I started out with frontpage a few years ago, but really i do most everything in notepad now.

One thing i can say is this has been a great learning experience.

i have protector activated and working and have changed pass words.

You know, i really am not sure if my host knows what or how they hacked in. Earlier they sent me an email telling me it was the xmlrpc.php file on my XOOPS site. So then i posted here.

after i posted i thought it might be helpful to have the section of my log file to post. Well they send me a part of my log file for a wordpress site i have on the same server and they say this was the one.

The only thing they are doing is matching the time of the hack with the log file.

Is this how you would normally find this info?

Because i have a couple very busy sites on this server and i'm sure those sites had files accessed at the same time.

I have replied back with the discrepancy and i await a response from them.

*I just down loaded Protector have not activated it yet
*Just Removed Frontpage extentions for that site but still need to do it for all other sites.
*Just disabled anonymous FTP for that site and also need to do for the other sites.
*In the process of changing passwords



Quote:

My Site info: Dedicated Server

XOOPS Version: XOOPS 2.0.13.2 with the october patch
Module Name/Version: Articles .27 / Content .05 / ForumEx 1.24 / Templates cache Cleaner 1. / Contact Us 1. / RSSFit 1.1 / Downloads 1.1 / SiteMap 1.12 /
PHP Version: 4.4.1
MySQL Version: 4.0.25-standard
Web Server Software (Apache/IIS/Other): Apache/1.3.34 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.4.1 FrontPage/5.0.2.2635 mod_ssl/2.8.25 OpenSSL/0.9.7a

Theme you are using: Mambo Taste
Custom template: (No)

A full description of the issue: Today my sever was hacked and my sever company informed me that it was done through the xmlrc file. The hacker Uploaded a bost load of files to the root temp directory.

This has actually been an ongoing problem for the past few weeks. The first was a security problem with viewtopic (According to my Host) so the code was changed. The second and third times they could not tell me an exact point of entry. So after a ton of reading i found that php 4.3.9 has a security problem with globals.... So yesterday i upgraded my php to 4.4.1 and tested the code that my host says the hacker used to breck in and php caught it. So i was thinking i was fine. Then this afternoon it happened again.... but now the host tech guy says it was the xmlrpc file on my XOOPS site.

The other times it was hacked, the hacker uploaded file and did a DosAttack on another site. But this time many more files were uploaded and i caught it before anything else was done.

Sorry the post is long, but this is getting to be a big problem. If i could get some help i would be very greatful.

only some 404's are handled by the server and have a 404 returned in the header. Then you can have a custom 404.

However, if the error url has something like /?page_id=8
then XOOPS handles it and it shows the content of the home page. This is a problem that i am trying to solve myself.

When XOOPS handls the a page that does not exist it will also show a 200 in the header and not a 404.

So if you are switching from a different cms to XOOPS and had urls like /?page_id=8 the search engines will see the same content on all you old urls.

So if someone has a fix for this so XOOPS can return a 404 in the header and a custom page... it would be helpful.

I also tried to do a 301 redirect with this typr of url and it also does not work.

I have tried this url on other XOOPS sites and it does the samething so it is not something that is only relivant to me.

I hope i explained myself clearly... i posted in this thread because it was sort of on topic.... if i should have started my own thread please advise and i will.


thanks for any help

dave

I'm wore out....

i have tried every variation i can think of , single quotes, double quotes relative path, absolute path, include, include file, include once, all with and without under_scores and other possibilities i can't remember.

The difference now is before i could see the statement in the source code and now by using <{ }> the statement is not visible in the source and that's what is supposed to happen. but it still does not print anything.

However, one of the variations i tried, It printed the geo1.php script in the source code, but it was not visible in the browser.

Any other thoughts would be appreciated as were the previous ones.

Oh yea, i also moved the geo1.php script to the same folder as the template and still no difference.

Thanks,
dave

i started off trying to get a php script to work

"phpGiggles"

Could not get it to print so i tried a little geo-ip script that i use with other sites.

This is the statement i normally use to get the geo-ip script to work

<?php include('/home/removed/public_html/test/geo1.php'); ?>

i placed it in different placed with-in the template theme... as of right now i have it in the bottom of the html just before the </body> tags. I have updated the system module and when i look at the page in my browser and check the source code i see the statement sitting there.

i am trying to use a php include on XOOPS 2.0.13.1 and can't seem to get it to work...

can this be used with xoops?

i have no idea why i thought it was more than that... but after you replied i looked at it again and ... it was easy.

thanks :)
dave

I have 2.2.2 installed and want to be able to move the Extended Profile and Private Message links to the User Menu Block.

It looks like it's more than just editing the templates... I'm not positive. so, if anyone could give me some pointers or instructions it would be great.

thanks
dave