Jump to content

sijo

Members
  • Content count

    268
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by sijo

  1. osCommerce VTS - Virus & Threat Scanner Support thread (Please be kind to me since english is not my first language) Welcome to osCommerce VTS. In the ever-decreasing world of Internet security, web servers are fast becoming a target for spammers and authors of malicious code to spread their nasties. Server security is paramount, and the spread of malicious code can be prevented by competent administrators and knowledgable web masters. But why not be on the safe side? osCommerce VTS is designed to run on your web server and scan your public web files for malicious code. It is small, portable and efficient, uses minimal server resources, and provides a full report on what has been discovered. This software is provided as-is, without warranty or guarantee of any kind. Use at your own risk. osCommerce VTS runs on Linux web servers (it has been known to function under Windows), and is optimised to run on shared web hosting accounts. Although osCommerce VTS may function with older versions, it remains untested and unsuported. Therefore I recommend you have the following installed on your server: * Apache 1.3 or higher * PHP 4.3.x or higer What osCommerce VTS does: * Scan for known *.php hacker files * Scan for known hacker sites & IP's * Scan for known suspicious code * Scan all types of files on your site (Not only php files) * Scan for open tag inside GIF image * Scan for possible shell execution * Scan for suspicious COOKIE references ...and more to come.. The contribution can be found at: osCommerce VTS
  2. sijo

    osCommerce VTS

    I am sorry to tell that osCommerce VTS will no longer be suported. I have closed my netshop and will be doing other things in the future. I wish you all a Happy New Year!
  3. sijo

    osCommerce VTS

    I have never tested it on a local machine and I dont have the possibility to do it either. I dont think I can help you with this, sorry... You could try to comment out these two lines like this: //if (!check_defs('virus.def')) //trigger_error("Virus.def vulnerable to overwrite, please change permissions", E_USER_ERROR);
  4. sijo

    osCommerce VTS

    First: You should not list your serverpath in public like you did here. Since I dont now the addons you are using, you have to compare reported files with your original one to see if there is any diffs or maybe files that should not be there. Files reported in ocVTS' folder AV are ok.. And you should rename your admin dir.
  5. sijo

    osCommerce VTS

    Q1: It's a 'nota bene ' because some unfriendly scripts could turn off error reporting for some reason.. Q2: It could be done, but I dont have the time to look into it now...
  6. sijo

    osCommerce VTS

    You have to check against the original osC (or add-ons) files if you are uncertain...
  7. sijo

    SiteMonitor

    Thanks, now it's right..:)
  8. This is what you have in your code: <?php } <!-- Simple multi image addon --> <tr><td>Additional Images:</td><td class="main" colspan="3"><table summary=""><tr> And it should be: (diff on line 3 here) <?php } ?> <!-- Simple multi image addon --> <tr><td>Additional Images:</td><td class="main" colspan="3"><table summary=""><tr>
  9. sijo

    SiteMonitor

    Yes, it's the link..:blush:
  10. sijo

    SiteMonitor

    It happens when I click the "Sitemonitor" menu button now. (Before I press Configure). And yes, the code for the fix ($adminSM) is in my file.
  11. sijo

    SiteMonitor

    Working fine here, but the "Logged in as: c (Logoff)" is back...
  12. sijo

    "Dynamenu" for osCommerce

    Try to put it at the end of these files: catalog\includes\footer.php catalog\includes\application_bottom.php
  13. sijo

    "Dynamenu" for osCommerce

    Download Dynamenu" for osCommerce v1.11 "Missing Images" update After that, implement what you want from the fixes and updates you find on the same side.
  14. sijo

    "Dynamenu" for osCommerce

    You're welcome..
  15. sijo

    SiteMonitor

    My Sitemonitor is working ok, but I wonder why this is happening: In osC admin panel to the right of the top menubar it says: (I have changed my username here ) Logged in as: steini (Logoff) But after clicking Sitemonitor -> Configure this is what it says: Logged in as: c (Logoff) And stays that way until I close admijn panel and restart it again. Why is Sitemonitor changing the username info on that line?
  16. sijo

    osCommerce VTS

    Your site loaded fine in ie8..
  17. sijo

    osCommerce VTS

    It could be, but it is also used in some code. You should compare the suspected file with a safe copy of the same file to see if this is right. In your case there is a .sys.php file in your images directory. Normally there should NOT be any php files in your images directory. BTW: You should NOT list your full path here in open forums as you did above. There could be hackers in here, and now they know where to go on your site. Also: Rename your admin dir, and please read this How to secure your site
  18. sijo

    osCommerce VTS

    No, none of them are right, please see my previous message how to configure..
  19. sijo

    osCommerce VTS

    If you want to scan from /shop then use: $CONFIG['scanpath'] = $_SERVER['DOCUMENT_ROOT']."/shop"; If you want to scan from your site root, then use: $CONFIG['scanpath'] = $_SERVER['DOCUMENT_ROOT'];
  20. sijo

    osCommerce VTS

    What do you have in config.php for this? : $CONFIG['scanpath'] =
  21. sijo

    osCommerce VTS

    Do you have a link to your site I could try? You could replace all infected files with safe ones, but: The best way is to clean your site and then upload it from a safe backup. Read the How to secure your site to be sure you have done what's needed to have a secure site..
  22. sijo

    osCommerce VTS

    The problem has to do with whitespace checking. Try to turn this off in whitespace.php : // check for leading & trailing whitespace: //$chk_ws = true; // ON $chk_ws = false; // OFF // remove leading & trailing whitespace if found (if set to true, $chk_ws also need to be true!): //$rmv_ws = true; // ON $rmv_ws = false; // OFF When you run ocVTS it will list your 'Scan root:' near the top. What does it say? $ftp_site, $ftp_usr and $ftp_pwd should be the same as when you FTP (upload) files to your site.
  23. sijo

    osCommerce VTS

    Can you list here your admin/includes/header.php file..
  24. sijo

    "Dynamenu" for osCommerce

    Since I dont have your source, I cant tell you where it is. You have to search your files for keywords to find it.. Also look in your catalog/includes/configure.php file.. Again, search your files for website_name .. (Your Dynamenu is working so you dont really need to search for it..)
  25. sijo

    osCommerce VTS

    I do not know what addons you are using that is reporting this, but it is not ocVTS. I'm sorry, but I cant help you with this..
×