1
tedsmith
Emergency!! Please help!!
  • 2005/10/6 17:50

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


Aaaahhhhh!!! Please help!!!

I've not changed anything since I last accessed my site, and when i went to it today I get the following error :

"XOOPS path check: Script is not inside XOOPS_ROOT_PATH and cannot run."

No site, nothing. I can't get to the admin page or anything. I've done a search and the only post I found here at XOOPS was this but it doesn't relate to me because I've made no changes. Has it been hacked? I notice that the error message is written on line 58 of mainfile.php in a section relating to protection against external scripts?

I have Protector installed and so thought I'd be protected against most attacks.

I am really desperate because the site is going to be showcased live in less than a week!! HELP!! Here is the URL - go and have a look...www.f3.org.uk

Ted

Xoops 2.0.13.1
Not privately hosted

2
kaotik
Re: Emergency!! Please help!!
  • 2005/10/6 17:58

  • kaotik

  • Just can't stay away

  • Posts: 861

  • Since: 2004/2/19


using ftp, try empting /templates_c and /cache then update your instaled mod's to refresh.
www.kaotik.biz

3
tedsmith
Re: Emergency!! Please help!!
  • 2005/10/6 18:00

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


I have tried deleting the content of both folders, but a) there is no change and b) I cannot update the modules because I can't access the admin area...

Ted

4
kaotik
Re: Emergency!! Please help!!
  • 2005/10/6 18:00

  • kaotik

  • Just can't stay away

  • Posts: 861

  • Since: 2004/2/19


to clarify:
there's been cases of hackers changing cached files. Problem can be solved by deleting said files and updating mod.
www.kaotik.biz

5
tedsmith
Re: Emergency!! Please help!! Have I been hacked?
  • 2005/10/6 18:02

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


Thanks, but I have deleted the files and am unable to access an admin section of the site so I can't update the modules to refresh.

6
kaotik
Re: Emergency!! Please help!!
  • 2005/10/6 18:09

  • kaotik

  • Just can't stay away

  • Posts: 861

  • Since: 2004/2/19


do you have any custom blocks running? you could try temporarily renaming them. you could also temporarily rename your mods, it will give you an error but should give you access to login.
www.kaotik.biz

7
tedsmith
Re: Emergency!! Please help!!
  • 2005/10/6 18:12

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


I appreciate your help but you are not hearing me. I cannot access the system admin AT ALL or any area of the site. I am totally 100% locked out of it. All I can do is access the filves via FTP. So I can't rename modules, disable blocks or anything.

8
Herko
Re: Emergency!! Please help!!
  • 2005/10/6 18:16

  • Herko

  • XOOPS is my life!

  • Posts: 4238

  • Since: 2002/2/4 1


whoa kaotik, that's not the cause! Don't scare people with hackers when it's actually security that's causing it: it's a lockdown!

The cause is most likely that your host moved your account to another location, but kept an alias link pointing to your old path. XOOPS tends to detect the *real* path, and not the symlinked one, where this is concerned. Actually, this is a security system kicking in, preventing others from accessing your mainfile.php file from other accounts on the same server

So, now you know the cause, how to solve it? You will have to find out the *real* physical path to your website. One way to do that is to create a file called 'test.php' (or whatever you want to call it), and put the following code in there:
[code]<?php phpinfo(); ?>[/ocde]

Then, upload to your site root, and load in your browser. Then you get a long page with all the php info for your server and account. See if you can find a script_path entry, or something similar, one that should display the whole path to your site.

Perhaps a developer will say that there is an easier way to detect the physical path to your site, but this worked for me

Herko

9
kaotik
Re: Emergency!! Please help!!
  • 2005/10/6 18:17

  • kaotik

  • Just can't stay away

  • Posts: 861

  • Since: 2004/2/19


I was talking about renaming files/dirs using ftp. There is probably some bad code that is causing this, by renaming dirs/files you could stop it from being called when loading your homepage, thus giving you access to login.
www.kaotik.biz

10
tedsmith
Re: Emergency!! Please help!!
  • 2005/10/6 18:27

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


Herko

Thanks for your comprehensive reply, and for putting my mind at rest at leats for a while.

I have done as you said and can only find the following entries (no reference to "script_path") :

PATH_TRANSLATED - however the path is exactly the same as what is in my mainfile.php. Obviously I can't write it here but it is the same.

REDIRECT_PATH - Again, the same as PATH_TRANSLATED.

SCRIPT_FILENAME - Just says /usr/local/bin/php so I don't think that is related to the path problem I am having.

sendmail_path - Not to do with what we are looking at. Had dealing with that before.

Then there's a host of PHP Variables that have path in them, but again, they all seem to hold the same value as PATH_TRANSLATED.

So I'm still really stuck. Any further advice? I'd be so very greatful.

Thanks

Ted

Login

Who's Online

140 user(s) are online (101 user(s) are browsing Support Forums)


Members: 0


Guests: 140


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Mar 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits