Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SiteMonitor


Jack_mcs

Recommended Posts

Hi same here updated to latest version and kept getting invalid username, I have reverted back to an older version for now, look forward to the update/ instructions how how to install this.

So many people were trying to run this without setting the username that I decided to add code to check for that. You should only see the invalid username message if your username is set at username. In that case it will take you to the configure section so you can change it. But since this version has a broken configure section, you won't be able to do that. So try editing the configure file manually and change the username to the correct username and it should work.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

A new version has been uploaded. The admin section should be working properly now and I removed the defined text since that was not being included correctly for all shops. Please test it and let me know if there are still any problems.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

A new version has been uploaded. The admin section should be working properly now and I removed the defined text since that was not being included correctly for all shops. Please test it and let me know if there are still any problems.

Jack,

 

I installed on both shops. So far it has run through all files including admin. Success message is correct, but the exclude box still will not save my settings. No problem editing manually though.

I will interested how mine works when I add a new product as that has always resulted in a timeout for me.

 

Thanks for the great contribution!

 

Tim

 

 

ps:

Any idea why this line trips the hacker check?

osCommerce, Open Source E-Commerce Solutions 

Line 5 in about 10 files comes back as suspect.

Edited by knifeman
Link to comment
Share on other sites

Jack,

 

I installed on both shops. So far it has run through all files including admin. Success message is correct, but the exclude box still will not save my settings. No problem editing manually though.

I will interested how mine works when I add a new product as that has always resulted in a timeout for me.

 

Thanks for the great contribution!

 

Tim

With a little over 17k products I had to exclude my images folder in order to prevent the timeout. I do have an .htaccess that prevents anything other than image files from being served from that folder though.

Community Bootstrap Edition, Edge

 

Avoid the most asked question. See How to Secure My Site and How do I...?

Link to comment
Share on other sites

With a little over 17k products I had to exclude my images folder in order to prevent the timeout. I do have an .htaccess that prevents anything other than image files from being served from that folder though.

Not sure how many files, but my images folder on one site is just under 18 meg.

I know when viewing through the Cpanel file manager it takes a long time for the list to render, so maybe there is a server issue.

 

Tim

Link to comment
Share on other sites

I installed on both shops. So far it has run through all files including admin. Success message is correct, but the exclude box still will not save my settings. No problem editing manually though.

Be sure you have reset the hacker code segments in the configure file to the original from the contribution. The previous version would have changed those.

ps:

Any idea why this line trips the hacker check?

osCommerce, Open Source E-Commerce Solutions 

Line 5 in about 10 files comes back as suspect.

Hmm, that's a very common line of text and I'm not see it fail on it in any of the installations I've done. Maybe the failure is due to the line above the one it is indicating?

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

A new version has been uploaded. The admin section should be working properly now and I removed the defined text since that was not being included correctly for all shops. Please test it and let me know if there are still any problems.

 

Using "Manually Check for Hacked Files" come up with a blank page and no error. Tried in both IE & FF.

 

I have put this in admin/includes/functions/sitemonitor_functions.php at line 874 to have a 'Back' button:

echo '<td><input type=button value="Back" onClick="history.go(-1)"/></td>';

Just in case someone would like that..

Link to comment
Share on other sites

Be sure you have reset the hacker code segments in the configure file to the original from the contribution. The previous version would have changed those.

Sorry to be so dense Jack. I am not sure I understand the direction.

 

I edited the admin file:

sitemonitor_configure.php I went as far as removing this line altogether:

 

$hackCodeSegments = array("error_reporting(0)", "base64_decode","<frame","gzdecode","eval"); //enter any hacker code that you would like to check for

And my exclude box will not save the changes. My sitemonitor_configure file has permissions of 644.

 

Tim

Link to comment
Share on other sites

Using "Manually Check for Hacked Files" come up with a blank page and no error. Tried in both IE & FF.

 

I have put this in admin/includes/functions/sitemonitor_functions.php at line 874 to have a 'Back' button:

echo '<td><input type=button value="Back" onClick="history.go(-1)"/></td>';

Just in case someone would like that..

It might be that the script is failing but you are not seeing the error due to how you server is setup. Take a look at your error log file and check for any entries related to this script.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

I edited the admin file:

sitemonitor_configure.php I went as far as removing this line altogether:

 

$hackCodeSegments = array("error_reporting(0)", "base64_decode","<frame","gzdecode","eval"); //enter any hacker code that you would like to check for

And my exclude box will not save the changes. My sitemonitor_configure file has permissions of 644.

The entries in the configure file have to start with a quote (") but the previous code was changing that to it ascii equivalent (') which would fail the comparison once loaded again. I was just saying to make sure the configure file uses " where it should.

 

If you remove a line from the configure file, it won't be saved because the code sees that as an error.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

It might be that the script is failing but you are not seeing the error due to how you server is setup. Take a look at your error log file and check for any entries related to this script.

 

I cant find any error logged.

Here is what I get trying to use "Manually Check for Hacked Files" (in IE):

sitemonitor.jpg

Translated:

This site can not be viewed in Internet Explorer

You can try this:

'Diagnose Connection Problems'

More information

 

Any idea?

Link to comment
Share on other sites

Hi Jack,

 

i install the latest version from the contrib. The osc-contrib-side name it Version 2.1, but the zip-file contains a update-doc from V2.1 to V2.2 ?!?!

 

But my problems are the same

 

- the handling with exclude selector / exclude list on the setup-page is very difficult

- i get blank pages on the first three points on the admin-page

 

i despair

 

Best regaqrds

Anja

Link to comment
Share on other sites

I cant find any error logged.

Here is what I get trying to use "Manually Check for Hacked Files" (in IE):

sitemonitor.jpg

Translated:

This site can not be viewed in Internet Explorer

You can try this:

'Diagnose Connection Problems'

More information

Does this happen when you click on the bottom update button or on one of the links in the results?

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

All of a sudden, today whenever I click on any of the buttons or the admin or configure option I get a blank page. I have ran sitemonitor before but today it isn't working. Any clue whats goin on?

Contributions installed: Purchase without Account / STS/ All Products/ Header Tags Controller

Link to comment
Share on other sites

All of a sudden, today whenever I click on any of the buttons or the admin or configure option I get a blank page. I have ran sitemonitor before but today it isn't working. Any clue whats goin on?

Have you updated to the latest version? If you did, you may read the previous couple of pages. If not what version are you using?

Absinthe Original Liquor Store

Link to comment
Share on other sites

I haven't updated to the latest version. I'm using v 1.9..I want to know why it's just going blank rather than simply updating though. Unless this is an issue with 1.9?

Contributions installed: Purchase without Account / STS/ All Products/ Header Tags Controller

Link to comment
Share on other sites

When I click the bottom update button..

I don't know what it might be. Others aren't havng the problem, or at least not posting about it, and I don't see it in the sites I've installed it into so it must be something related to your setup, or maybe the version of php you are using.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

I haven't updated to the latest version. I'm using v 1.9..I want to know why it's just going blank rather than simply updating though. Unless this is an issue with 1.9?

That's usually caused by the code timing out. Maybe you added more files that caused the script to fail where it wouldn't before. You can try editing the exclude list to exclude more and see if it starts working.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

^ I just updated to the latest version and all is in order.

 

Jack any advice on what I should be looking for when I have a suspected hacked file? I realize I don't know what hacked code looks like. I'm sure if it was something big and obvious, I'd notice but if it was something more obscure then I wouldn't.

Contributions installed: Purchase without Account / STS/ All Products/ Header Tags Controller

Link to comment
Share on other sites

Hi Jack, I've just tested the latest version. Maybe I do not understand it's logic now or it is not working...

 

this is what I see on the page sitemonitor_configure_setup.php in Exclude List box: "contest","cache","feeds", "googlesitemap", "log", "admin"...

 

Do we agree that the script should not be looking in those directories for any changes? If yes, we're on the same track... The same folders are shown after I hit the update button. Next step, I move to /sitemonitor_admin.php and hit the update button in the Delete Reference File section. It takes quite long... and the output is email message containing this:

Found a new file named cache/xsell_products-espanol.cache64

Found a new file named cache/also_purchased-french.cache59

Found a new file named cache/also_purchased-english.cache78

and this...

Found a new file named contest/Absinthe_Contest_2006/ryan wot u bn doin_by_absinlee.jpg

Found a new file named contest/Absinthe_Contest_2006/original.sorry for the grayscale double_by_anonymous.rate

Found a new file named contest/Absinthe_Contest_2006/shadow_by_Gonzo.txt

and this...

Found a new file named admin/images/geo_flags/mv.gif

Found a new file named admin/images/geo_flags/sk.gif

Found a new file named admin/images/geo_flags/dm.gif

and many others...

 

Why is it monitoring those folders if I excluded them? To test it further, I deleted the cache (tools/cache control) and executed the sitemonitor - section Run Sitemonitor. Reference file is not deleted. Output, you may ask? This: 393 mismatches were found. Run the script manually or see the email for the actual mismatches. Of course that I saw the email, these are there:

Found a deleted file named cache/xsell_products-french.cache48

Found a deleted file named cache/xsell_products-english.cache45

Found a deleted file named cache/also_purchased-espanol.cache53

and many others...

 

Am I missing something obvious or have I been drinking too much absinthe? Either way if I exluded any folder in the version 1.9, it was not shown in any email message under any circumstances.

Absinthe Original Liquor Store

Link to comment
Share on other sites

^ I just updated to the latest version and all is in order.

 

Jack any advice on what I should be looking for when I have a suspected hacked file? I realize I don't know what hacked code looks like. I'm sure if it was something big and obvious, I'd notice but if it was something more obscure then I wouldn't.

There's no one thing to check for but, many times, the code that hackers add is the very first or the last one or two lines in a file. For a php file, the first line should always be just <?php, nothing else. So if you look at a suspected file and see the code segments shown in the configure section in those areas, then you need to look closer at that file. It could still be a hacked file but that sometimes takes an experienced eye to see it. In this version of SiteMonitor, when a file is shown as a suspected hacked file, if it is checked as being in the reference file and the dates match, then it is probably OK. That assumes it was good in the first place, of course.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Hi Jack, I've just tested the latest version. Maybe I do not understand it's logic now or it is not working...

 

this is what I see on the page sitemonitor_configure_setup.php in Exclude List box: "contest","cache","feeds", "googlesitemap", "log", "admin"...

 

Do we agree that the script should not be looking in those directories for any changes? If yes, we're on the same

Yes, that is how it should work and is the same as previously versions.

 

Am I missing something obvious or have I been drinking too much absinthe? Either way if I exluded any folder in the version 1.9, it was not shown in any email message under any circumstances.

I don't have a reason why it is failing for you. Have you tried deleting the reference file? After you click on the Delete update button, if you look in the reference file does it have cache, admin, etc. listed? If so, the reference file is not being created correctly. If not, the code is not recognizing the paths. The code for the paths was changed in this version so, if it is the second situation, that is the problem. In that case, be sure the DIR_FS_CATALOG setting in the admin/includes/configure.php file has the correct path to your files and that that is the path in the SiteMonitor configure file.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

I don't know what it might be. Others aren't havng the problem, or at least not posting about it, and I don't see it in the sites I've installed it into so it must be something related to your setup, or maybe the version of php you are using.

 

I will try to investigate it when I get time..

PHP version: 5.2.13 (Zend: 2.2.0)

Link to comment
Share on other sites

I will try to investigate it when I get time..

PHP version: 5.2.13 (Zend: 2.2.0)

I'm using the same versions, or close to them, so that shouldn't be the problem. If you can't find the reason and wouldn't mind providing me with ftp and admin access, I will take a look at it. I'm curious as to why so many are having problems when I can't get it to fail once.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...