Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

celextel

Members
  • Posts

    147
  • Joined

  • Last visited

Everything posted by celextel

  1. You could leave the chmod setting as mentioned by you if PHPIDS is working fine. PHPIDS was reporting these values [REQUEST.__utmz, COOKIE.__utmz] as intrusions when we first tested in our osCommerce based website by creating hundreds of log entries. These values either be of basic osCommerce or of one of the contributions which we have installed.
  2. Exclusions are in order. You could change the following code: RewriteRule ^(.*)-p-([0-9]+).html$ product_info.php?products_id=$2&%{QUERY_STRING} to RewriteRule ^(.*)-p-(.*).html$ product_info.php?products_id=$2&%{QUERY_STRING} and then try. If you still have problem, you have to enable error reporting in product_info.php and then find out as to what is wrong. Remove error reporting codes after checking.
  3. Add the following values under exclusions and then do the tests again: REQUEST.cart REQUEST.wish COOKIE.cart COOKIE.wish To find out as to why you are getting a blank page, enable error reporting in those files [index file or so] and see as to what error message you are getting.
  4. We have not tested this in the localhost. Please test this in a web server where you have your osCommerce. Test-1 result shown by you is different from the one shown by us. Try without public_html/ in the URL. We do not see the REQUEST.cart, REQUEST.wish, COOKIE.cart and COOKIE.wish values in our tests.
  5. We have not done much modification to banned.php as that contribution is of someone else. Your following suggestion seems to be a better option: $ip_2ban_address = $_SERVER['REMOTE_ADDR']; in lieu of $ip_2ban_address = tep_get_ip_address(); We would also use this modified code in our websites. Hope this solves that issue. Thanks for your suggestion.
  6. We have also noticed this. Some IPs are not logged under banned IPs. We do not know the reason for this. We could ban them by entering those IPs.
  7. Enable error reporting in your index file and see as to what error message you are getting. If you get the following error message: Exception: PDOException: could not find driver Then PDO driver file is missing in the configuration. You have to request the web hosting provider to enable this. Info regarding this are at the following URL: http://forum.php-ids.org/comments.php?DiscussionID=284 http://dev.mysql.com/tech-resources/articles/mysql-pdo.html
  8. Sorry, we meant osc_phpids.php file. By mistake we had mentioned as banned_ip.php. Thanks.
  9. Find the following code in includes/modules/banned_ip.php file: $mail_recipient = array(STORE_OWNER_EMAIL_ADDRESS, SEND_EXTRA_ORDER_EMAILS_TO); You could modify this code either as: $mail_recipient = STORE_OWNER_EMAIL_ADDRESS; or as: $mail_recipient = SEND_EXTRA_ORDER_EMAILS_TO; as required by you.
  10. PHPIDS dies not do any redirection. Perhaps your server is not configured properly for executing certain requests of PHPIDS. Enable error reporting in your index file and see as to what error message you are getting. [refer to our earlier post]
  11. Enable error reporting in your index file and see as to what error message you are getting. If you get the following error message: Exception: PDOException: could not find driver Then PDO driver file is missing in the configuration. You have to request the web hosting provider to enable this. Info regarding this are at the following URL: http://forum.php-ids.org/comments.php?DiscussionID=284 http://dev.mysql.com/tech-resources/articles/mysql-pdo.html
  12. You could ignore this as the impact score is not on the higher side. Some of the intrusion alerts by PHPIDS may not be actual intrusions. PHPIDS has got its own parameter for flagging certain requests as intrusions. We need to verify each of them.
  13. You need not change anything here if you upload "phpids" to the includes directory. includes directory could be either under the catalog folder or directly under the website root. If you upload this to some other directory, you need to change the $oscBasePath value to the new path. Example: $oscBasePath = '/public_html/'; Do not make any other changes.
  14. Yes, some comment strings were reported as intrusions. We need to ignore them. You could also include those variables under exclusions.
  15. Banned IP module also functions as a stand alone module. Perhaps it has banned you when you were trying to access one of its protected folder. This might also happen when you use SiteMonitor. Just leave that IP in the db and make it allowed so that it would not ban you again.
  16. PHPIDS would work irrespective of the admin folder name as it does not access any of the files in admin. 1. Make sure you have done the following: Step-E: Testing Set the Show Intrusion Result value to true in the admin settings. 2. Make sure you do not have any XSS shield codes in htaccess file. 3. If you still do not see any result while doing the testing, you need to see in the admin whether any log entries are created for those test attacks. 4. Enable error reporting by adding the following codes to your index.php: error_reporting(E_ALL); ini_set('display_errors', '1'); at the top after <?php 5. If you get the following error message: Exception: PDOException: could not find driver You need to request your hosting provider to add PDO driver. You could give them the following info regarding this: Info regarding PDO driver is at the following URL: http://forum.php-ids.org/comments.php?DiscussionID=284 http://dev.mysql.com/tech-resources/articles/mysql-pdo.html PDO requires the object-oriented capabilities of PHP 5, so PHP 5.0 or higher is a prerequisite. The PDO extension ships with binary versions of PHP 5.1 and 5.2 and is very simple to implement on most operating systems. Compiling PHP from source is the one sure way to customize PHP to your exact specifications and ensure that you have not only PDO but also the drivers you need. However, the package managers of most current Linux distributions make it easy to add support—if it's not already there. Under openSuSE (10.2) for instance, the php5-pdo module provides support for PDO and the php5-mysql module provides the PDO driver for MySQL. If you are already using MySQL with PHP you already have the PDO driver. You only need check that you have the PDO module loaded.
  17. Yes, we have this for debugging. You could remove it. cache is different. You have to set the full path in: Configuration > Sessions > Session Directory
  18. As such error reporting codes are not required. But we have kept them to find out the errors while testing at our end. It would also help you to trace the errors. Hiding errors does not solve the actual problem. You need to make sure that you have set the correct folder path at: Configuration > Sessions > Session Directory in Admin. Full path should be give here of the cache or tmp directory. Make sure that this cache or tmp directory is writable [777]. Keep the error reporting code and correct this error.
  19. We have this in 5 of our Live Shops and we do not have this type of problem in any of them. Check whether the tables have been created correctly. Hope you have PHP 5 in your server. This would not work in PHP 4.
  20. You need to verify as to whether you have done the following: Step-B: Admin 5. Important: Before going to the next step, browse admin/phpids_installer.php file after admin log-in. This installer would create the tables for PHPIDS Log and Banned IP. It would also insert the PHPIDS main configuration to database automatically. Delete this file after installation. Check whether the TABLE_PHPIDS and TABLE_BANNED_IP exist in your MySQL db.
  21. Yes, you have to add these directories in Site Monitor under exclusions. We are also using Site Monitor.
  22. You are correct. PHPIDS creates a log about an intrusion when it occurs. Anti XSS codes do not allow this to happen. You could have Security Pro in lieu of Anti XSS.
  23. We do not have a file named as page_name.html in our module. You need to find our as to the module which is using this file. Perhaps some other contribution may be interfering with our contribution.
  24. We do not know as to why you were getting this error message. You need to enable error logging into your hosting account. If you are unable to do this yourself, you have to request your hosting provider to do this.
×
×
  • Create New...