Installed X Sell - Now Strange Errors - HELP!


This topic has been archived. This means that you cannot reply to this topic.
17 replies to this topic

#1   Mort-lemur

Mort-lemur
  • Members
  • 1,911 posts

Posted 26 September 2010 - 20:16

Hi,

I have installed X Sell 2.7.2 and found that when I accessed X Sell from my Admin, it caused my IP to be added to my IP trap on my catalog side. I narrowed this down to this line at the end of my .htaccess file where I route 403 errors into the IP trap:

ErrorDocument 403 /a folder/index.php

When I remove this code X Sell does not ban me.

However, I found the following entries in my error log for when I was banned:

[Sun Sep 26 20:40:15 2010] [error] [client 88.106.40....] client denied by server configuration: /home/user/public_html/images/default.html, referer: https://www.mysite.c...admin/xsell.php

[Sun Sep 26 20:40:15 2010] [error] [client 88.106.40....] client denied by server configuration: /home/user/public_html/images/index.phtml, referer: https://www.mysite.c...admin/xsell.php

[Sun Sep 26 20:40:15 2010] [error] [client 88.106.40....] client denied by server configuration: /home/user/public_html/images/index.php, referer: https://www.mysite.c...admin/xsell.php

[Sun Sep 26 20:40:15 2010] [error] [client 88.106.40....] client denied by server configuration: /home/oser/public_html/images/index.php3, referer: https://www.mysite.c...admin/xsell.php


There are more entries like this - it is as though X_Sell.php is sniffing for a file in the images folder, although I cannot see this in the X Sell Code.

What is going on here ?

Thanks

Now running on a fully modded 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members.


#2   Mort-lemur


Posted 26 September 2010 - 20:52

Hi again,

Could the above be caused by this line of code in the admin/xsell.php file:

<td class="dataTableContent" align="center">&nbsp;<?php echo ((is_file(DIR_FS_CATALOG_IMAGES . '/'.$products['products_image'])) ?  tep_image(DIR_WS_CATALOG_IMAGES . '/'.$products['products_image'], "",

Is this causing a search for all versions of index.xx in the images folder which leads to a ban?

Thanks



#3   Mort-lemur


Posted 27 September 2010 - 10:28

Ok,

Feeling a bit more relaxed now - I don't now think this is a hack attempt...

Checked the site and no unusual files, sitemonitor is not showing anything unusual, virus scan of all files is OK, and no strange code on page source.

So all I can assume is that the

'/'

in the code line above is causing a search of the images directory to look for a landing page, which leads to an IP ban.

Would I be correct in assuming this ?

Thanks



#4 ONLINE   burt

burt

    Vanquisher of Demons

  • Community Team
  • 9,536 posts

Posted 27 September 2010 - 10:49

Try changing that particular line of code to;

<td class="dataTableContent" align="center">&nbsp;<?php echo tep_not_null($products['products_image']) ? tep_image(DIR_WS_CATALOG_IMAGES . '/' . $products['products_image'],  $products['products_name'], SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT) : TEXT_NONE; ?>&nbsp;</td>

See if the error is still occurring.

Edited by burt, 27 September 2010 - 10:49.

Responsive osCommerce, join in the fun:
http://forums.oscomm...rom-the-get-go/

--
Making your shop better, one osCommerce module at a time - get in touch, or get my newsletter every 1st of the month.

 

Big Bang Templates for 2.3.4


#5   Mort-lemur


Posted 27 September 2010 - 11:02

Hi Gary,

Thanks for the code, tried it - but it still takes me directly to the IP trap with the same errors in the error log.

Thanks



#6 ONLINE   burt


Posted 27 September 2010 - 11:05

There are two such lines to change...



#7   Mort-lemur


Posted 27 September 2010 - 11:25

There are two such lines to change...


Hi Gary,

Changed lines 299 & 372 - still banned....



#8 ONLINE   burt


Posted 27 September 2010 - 11:33

In that case it is a problem with its roots elsewhere.



#9   Mort-lemur


Posted 27 September 2010 - 11:49

Very Strange then.

What sort of code in a file would cause attempts of the images folder for the following file names: home.html + Default.html + index.php5 + default.html + index.phtml + index.php + index.php3 + index.php4 + index.cgi + index.pl + index.shtml + index.html what should I be looking for ? I could post the whole xsell.php file - but it is 407 lines long.

I have this code in a .htaccess in my images folder as well which may be blocking these as well :

# $Id$
#
# This is used to restrict access to this folder to anything other
# than images

# Prevents any script files from being accessed from the images folder
<FilesMatch "\.(php([0-9]|s)?|s?p?html|cgi|pl|exe)$">
   Order Deny,Allow
   Deny from all
</FilesMatch>

I'm completely baffled now.

Thanks



#10 ONLINE   burt


Posted 27 September 2010 - 13:21

Can you go to your usual admin / categories page and go to edit a product.

Check the log and see if this causes an error.



#11   Mort-lemur


Posted 27 September 2010 - 13:58

Hi Gary,

No errors - I can edit the products without being banned and without any error logs being generated.

Thanks



#12 ONLINE   burt


Posted 27 September 2010 - 14:07

How about the same thing, but this time using a product without an image.



#13   Mort-lemur


Posted 27 September 2010 - 14:23

Ok,

Found a product with no image - edited it in admin = Banned + Errors as above recorded.

What is the problem do you think ?

Thanks



#14   Mort-lemur


Posted 27 September 2010 - 19:23

OK,

I have now made sure that all my products have an image - even the inactive ones.

Now I don't get banned by the IP trap and no errors are generated when using X Sell - I would still like to know what causes this if anyone knows.

Many Thanks



#15 ONLINE   burt


Posted 29 September 2010 - 12:20

When any script looks for a non-existent file, the banning script is initiated...

So...that's where you have to look. Why would a non existent file initiate the script?



#16   Mort-lemur


Posted 29 September 2010 - 13:28

Ok,

Well, when the image file is non-existent then it starts to look for a "landing" file within the images folder, be it index.html, index.php etc etc, so when that happens the images .htaccess prevents those types of files being run, so it directs to the banning script. ???

However, what initiates the programme to look for the landing page? And to try all the variations of index or home files as I posted above?

Thanks



#17   Brainbug125

Brainbug125
  • Members
  • 44 posts

Posted 25 April 2012 - 14:05

@Mort-lemur

I have the same probs...
and that solved the issue
Have you found the reason?

I just want to understand in which part of the script I have to look

I use
osC_Sec_5.0.3
KISS_FileSafe_version_1.0_r12
Security Pro 2.0 ( r7 )_1

And where do I have to look to define a landing page?

Ty

Edited by Brainbug125, 25 April 2012 - 14:20.


#18   Brainbug125


Posted 26 April 2012 - 11:41

Forgot my previous...I found the issue in my advanced_search
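
An added example, not code from the thread or from X Sell: a small triage script for error-log lines in the format quoted in post #1, separating the burst pattern described in posts #9 and #16 from a request for one specific script. It assumes, as post #16 suggests, that several index-style names denied in the same second for one directory come from the server resolving a single request for the directory itself; the sample lines, IP addresses and hostname are constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the error-log format shown in post #1 (placeholder IPs and host).
SAMPLE_LOG = """\
[Sun Sep 26 20:40:15 2010] [error] [client 192.0.2.10] client denied by server configuration: /home/user/public_html/images/default.html, referer: https://shop.example/admin/xsell.php
[Sun Sep 26 20:40:15 2010] [error] [client 192.0.2.10] client denied by server configuration: /home/user/public_html/images/index.phtml, referer: https://shop.example/admin/xsell.php
[Sun Sep 26 20:40:15 2010] [error] [client 192.0.2.10] client denied by server configuration: /home/user/public_html/images/index.php, referer: https://shop.example/admin/xsell.php
[Sun Sep 26 20:40:15 2010] [error] [client 192.0.2.10] client denied by server configuration: /home/user/public_html/images/index.php3, referer: https://shop.example/admin/xsell.php
[Sun Sep 26 21:02:44 2010] [error] [client 198.51.100.7] client denied by server configuration: /home/user/public_html/images/test.php
"""

LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[error\] \[client (?P<ip>[^\]]+)\] "
    r"client denied by server configuration: (?P<path>[^,\s]+)"
    r"(?:, referer: (?P<ref>\S+))?$"
)
# Landing-page style names, following the list in post #9.
INDEX_RE = re.compile(r"^(index|default|home)\.[a-z0-9]+$", re.IGNORECASE)


def classify_denials(log_text, min_candidates=3):
    """Group denials by (second, client, directory, referer) and label each group."""
    groups = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a "client denied" line
        directory, _, name = m["path"].rpartition("/")
        groups[(m["ts"], m["ip"], directory, m["ref"])].append(name)
    findings = []
    for (ts, ip, directory, ref), names in groups.items():
        only_index = all(INDEX_RE.match(n) for n in names)
        # Assumption: many index-style names in one second = one directory request.
        burst = only_index and len(set(names)) >= min_candidates
        findings.append({
            "time": ts, "client": ip, "dir": directory, "referer": ref,
            "files": names,
            "kind": "directory-index-lookup" if burst else "direct-request",
        })
    return findings


if __name__ == "__main__":
    for f in classify_denials(SAMPLE_LOG):
        print(f["kind"], f["client"], f["dir"] + "/", f["referer"], f["files"])
```

A group labelled `directory-index-lookup` whose referer is one of the shop's own admin pages points at a page emitting a link to the bare images directory, which matches the product-without-image finding in posts #13 and #14.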