Auzy Jack

Members
  • Content count

    28
  • Joined

  • Last visited

Community Reputation

0 Neutral

1 Follower

About Auzy Jack

Profile Information

  • Real Name
    Ray Ackland
  1. celextel, I received a response on my ticket with the service provider who sent a 406.shtml file for inclusion in my site. On preforming test no. 2. I receive the following message (Please note I have replaced my IP number with xxx). (none)xxx.xxx.xxx.xxx/?test=%22%3E%3Cscript%3Eeval(window.name)%3C/script%3Ewww.venetianglass.com.auMozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 ( .NET CLR 3.5.30729)406 All it appears to tell me now is that I sent test and what is running on my browser. Any Ideas? I had another attach this morning from the Ukraine (second visit this week. Inserted his web address as his IP and get through a deny access 91.211.*.* in .htaccess) impact 124. Your phpids is definitely working with the new incursion logged and entered in the banned IP file. Your time is appreciated.
  2. celextel, I have sent a ticket to my server regarding error handling, no response to date. My server already has PDO and what appears to be the driver version. Extracted from admin, tools, server info. _______________________________________ PDO PDO support enabled PDO drivers sqlite, sqlite2, mysql pdo_mysql PDO Driver for MySQL, client library version 5.0.91 ______________________________________ I'm still unable to input a IP in admin, tools, banned IP. Waiting on server to get back. Regards Auzy Jack
  3. __________________ celextel thank you for answering my post, Your suggestion 1. worked no problem with test 1 threat registering in admin phpids log and emailing me the IP incursion. As to part 2 I posted the wrong error message (sorry). The message I sent you was from when I tried to add a IP in admin tools banned IP. Running test 2 I get the following error on screen. Not Acceptable An appropriate representation of the requested resource / could not be found on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. _____________ I checked the read me text section again and believe that the files and folders are installed correctly. (not the first time I have made a mistake though) Previously I used cpanel to add an extra password to my /admin directory but that has been removed for over 24 hours and does not seem to have been the problem. Reasenatanly added SecurityPro_1_0_2, IP Trap update, IP_C_M_S_1, htaccess Protection Scripts_as well as blacklist 2010 to htaccess prior to installing phpids as suggested in other forums in the past but only securityPro, part of the htaccess Protection Scripts_as well as part of the blacklist 2010 to htaccess remain installed. As previously mentioned all entries other then original .htaccess where temporarily removed entirely for phpids testing. Does the error message above from test 2 suggest where I could head next? Admin IP bane module set to false at present. Kindest regaurds Auzy Jack
  4. Dear Forum, Just recuperating and getting my store back on line after a hack. I have installed PHPIDS on oscomerse 2.2rc2a with eveything testing out OK in admin. When I get to test 1 the following appears. Can you help with eliminating the error code at the bottom? Cache on. The 2 directory's permissive set to 777 SQL database sees and is reading the incursions. Ocurances appear in admin phpids log. Email works. except for the error everything appears to be working. ____________ Total impact: 8 Affected tags: xss, csrf Variable: REQUEST.test | Value: \">XXX Impact: 4 | Tags: xss, csrf Description: finds html breaking injections including whitespace attacks | Tags: xss, csrf | ID: 1 Variable: GET.test | Value: \">XXX Impact: 4 | Tags: xss, csrf Description: finds html breaking injections including whitespace attacks | Tags: xss, csrf | ID: 1 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/venetian/public_html/includes/modules/osc_phpids.php:199) in /home/venetian/public_html/includes/functions/sessions.php on line 102 __________________ When I try test 2 I get the following. _____________ Forbidden You don't have permission to access /admin/banned_ip.php on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. _____________ This is probably something to do with an add on I have added and not removed properly in the past but do not know where to look. I have mainly been using .htaccess for this. I deleted everything out of this file and still have the same results. I added what I believe is the error reporting code to /index.php error_reporting(E_ALL); ini_set('display_errors', '1'); at the start prior to the above results but they do not show up on screen. Your help would be appreciated if you have the time to assist. Auzy Jack
  5. :rolleyes: Great contribe . The install worked first time for me. No problems with the product attributes pages. Grat work and thanks a lot. :rolleyes:
  6. Bill, Fly outs working now with Dm_menu as per your recommendations in that forum. My previous question still holds about the compatability of easy meta tags to work with STS4.5.8 on a RC2a shop. Do you know of a similar contribe I could use to replace headertags SEO now I have uninstalled it. Will the Header tag controller work in the Power Pack for STS 4 in STS4.5.8 on a RC2a shop. D you know of any problems with dynamic_sitemap v 3.5 when running STS4.5.8. Regards Jack
  7. Bill, I ended up removing Header tags SEO by going back through the installation instructions and now STS seams to be working OK. I found where I went wrong in 2 places. I will try your flyout fix again tomorrow for Dynamic Menu. Could you tell me if easy meta tags will work with STS4.5.8 on a RC2a shop?? Regards Jack
  8. Sorry about the spelling mistakes this was a second try as I lost the first. The ps is a aftal error message saying previously declared tep_make_cat_dmlist when I added a new one after reading in your fixes.
  9. Bill, Can you help I've been to jack in regard STS and Header tags SEO. I have made a lot of mistakes to date but are learning by them. I had STSv4.5.8_1_2 working well untill I installed HeaderTags_SEO_V_3.0.3 then upgraded to 3.04. SEO works and displays keywords in the sorce code with STS turned off, all tags will automatically fill when asked. Turn STS on and change the title declaration back in Index and Product info.php files for STS and there are no keywords displayed in the source page of all pages bar 1 new file I added to the info box based on the shipping module. This page picks up the default words. With STS on I can fill some keywords automatically but they are lost if I turn STS off and on again. The Index page will not allow me to enter and words manually they are unpty and surrounded in red not yellow frames. I hope can supply a leed for me on this or let me know how to re-install/upgade my site with out losing existing shop date. (IF POSSIBLE). I would could then install each contrib one by one backing up in between. Running: server timezone fix 1.0, STSv4.5.8_1_2, Dynamenu_for_osCommerce_v1_1_2, HeaderTags_SEO_V_3.0.4_1_2 ps. Flyouts do not work with STS on and I have tryed your latest hints. I have previously dclared tep_make_cat_dmlist in includes/boxes/dm_catagories.php:210 in the same includes/boxes/dm_catagories.php Line 245. Regards Jack
  10. Jack, Yes the header tag file has been installed to sts settings in admin. I think you are right in recomending looking at the shop install files that where manually modified. I have checked all files with a compare tool against my oldest back up copies and your doanload files. I suppose the best way foward now is to load a fresh copy of OsCommerse and install all frevious contribs then compare the files to find where I have gone wrong? Regards Jack
  11. Jack. I have reinstalled everything from the start. Checked all files with a compare tool for accuracy against backups, catalouge and new rca install files for comparisons. Re read all posts. With STS turned off and install catalouge part 1 added to Index and product info.php files all works well with no errors. If I turn STS on including section 1A with or without section 1 for non STS applied I have the following problems. 1. The default title displays on all pages as set in admin for the site. 2. In headder tags SEO pages in admin I can not change the decription or keywords but I can with STS turned off. 3. In headder tags SEO fill tags I get the mesage "Failled to load SEO Words file Includes/header_tags_seo_words.txt", but with STS turned off all works correctly a seen in the source code on any main page. Currently running with STS disabled. my site=venetianglass.com.au I'm sorry to bother you again about this but it is a great contrib and I have run out of ideas again any hints? Regards Jack
  12. I know I have done something wrong here but I have not been able to find it. I really want your add on to work on my site but it seems I have made a poor go of it. Any sujestions on getting the site up and running again?
  13. 6) In includes/database_tables.php, anywhere before the last ?> ADD: /*** Begin Header Tags SEO ***/ define('TABLE_HEADERTAGS', 'headertags'); define('TABLE_HEADERTAGS_DEFAULT', 'headertags_default'); /*** End Header Tags SEO ***/ Would this have been over riden when I restored an earlier backup after it all crashed? I still have the same 1146 table headertags default doesn't exist.
  14. Yes I'm sure. I opened every file in dreamweaver and only found the one fererence in admin/includes/database tables. Which file should I be looking in and where is it ment to go when I find it. Since I have resored to a previous site backup could it be I have to reload most of the program?