ecco Posted July 7, 2010 Share Posted July 7, 2010 If someone is able to hack into your site, they can alter your files to send them your customers information. I've seen this happen several times, thus the genesis of this contribution. This contribution will create a record of your files so that they can be checked at a later date. If any files have been added or deleted, or the size, timestamp or permissions were changed, you are notified via email. The script can be ran manually, but the best way is to set up a cron job so that the files are checked automatically. The contribution can be found here. Jack so when i see the following Your username is invalid. Please change it and try again. is it refering to the start directory "username" or the username for an administrator. there are so many posts, but no good answers that can be found without reading every single one with the new forum layout. Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted July 7, 2010 Author Share Posted July 7, 2010 so when i see the following Your username is invalid. Please change it and try again. is it refering to the start directory "username" or the username for an administrator. there are so many posts, but no good answers that can be found without reading every single one with the new forum layout. It's referring to the username of your hosting account. Go to admin->Modules and you will see the path to your shop there. That contains the username you need. If you can't figure out what the username is from it, you should contact your host and ask them. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
ecco Posted July 7, 2010 Share Posted July 7, 2010 It's referring to the username of your hosting account. Go to admin->Modules and you will see the path to your shop there. That contains the username you need. If you can't figure out what the username is from it, you should contact your host and ask them. thanks, that worked. Quote Link to comment Share on other sites More sharing options...
stragami Posted July 9, 2010 Share Posted July 9, 2010 Jack, like to say shotly thx for your work - great! i always look for your contribs - works - fine - the best i can get ..... rgds alfred Quote Link to comment Share on other sites More sharing options...
stragami Posted July 9, 2010 Share Posted July 9, 2010 Jack short upodate if the user get a timeout e.g. Fatal error: Maximum execution time of 30 seconds exceeded in.... a good soloution is to att in file sitemonitor_admin.php after require('includes/application_top.php'); this: set_time_limit (0); That change will not work if the server is working in 'safe mode' rgds alfred Quote Link to comment Share on other sites More sharing options...
WebDev22 Posted July 10, 2010 Share Posted July 10, 2010 I just installed SiteMonitor and clicked on Configure in admin. When I try to update, I get a message at the top of the page that reads "FAILED: Exclude list does not begin with quotes." I'm not sure what to enter into that field. The drop-down above it shows nothing either. Quote Link to comment Share on other sites More sharing options...
WebDev22 Posted July 10, 2010 Share Posted July 10, 2010 If the "Admin" folder was renamed, does it need to be changed here as well? // sitemonitor text in includes/boxes/sitemonitor.php define('BOX_HEADING_SITEMONITOR', 'SiteMonitor'); define('BOX_SITEMONITOR_ADMIN', '[font="Arial Black"]Admin[/font]'); Quote Link to comment Share on other sites More sharing options...
stragami Posted July 10, 2010 Share Posted July 10, 2010 I just installed SiteMonitor and clicked on Configure in admin. When I try to update, I get a message at the top of the page that reads "FAILED: Exclude list does not begin with quotes." I'm not sure what to enter into that field. The drop-down above it shows nothing either. I got the same error i change it to ' and it was fine Quote Link to comment Share on other sites More sharing options...
WebDev22 Posted July 10, 2010 Share Posted July 10, 2010 I got the same error i change it to ' and it was fine I tried adding an apostrophe but got that same pink strip across the top but with no error message. Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted July 11, 2010 Author Share Posted July 11, 2010 I tried adding an apostrophe but got that same pink strip across the top but with no error message. The default configure file won't cause that failure so you either made some incorrect change to the configure file or you are using an old version. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
ryanmurakami Posted July 12, 2010 Share Posted July 12, 2010 Hi Jack, Great addon! I'm having trouble getting it to check for hacked files. When I click the update button, it gives me an Error 500 - Internal Server Error. All of the other update functions of SiteMonitor work, and I checked my Configure page and everything looks correct. Do you know what could cause it? Is it possible that some .htaccess code could be causing issues? Thanks for your help! Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted July 12, 2010 Author Share Posted July 12, 2010 Hi Jack, Great addon! I'm having trouble getting it to check for hacked files. When I click the update button, it gives me an Error 500 - Internal Server Error. All of the other update functions of SiteMonitor work, and I checked my Configure page and everything looks correct. Do you know what could cause it? Is it possible that some .htaccess code could be causing issues? Thanks for your help! That error, in relation to SiteMonitor, is usually due to the script timing out. The hacker checking code is checking more files than the monioting section so, if you have a lot of files, that might be the files. Although, no one has had such a problem that I am aware of so I wouldn't think that would be the problem. If it fails right away, it is probably something to do with your admin/includes/configure.php file. Look in the admin/error_log file, if there is one, to see if an error is reported. If not, provide your host with instructions on how to see the problem and see if they will take a look. Some will - some won't. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
blr044 Posted July 16, 2010 Share Posted July 16, 2010 Been having some issues with site and am not sure where the fix is yet. But that's another issue. So I manually checked for any hacked files. Found 43, but when looking at them I did not see anything our of the ordinary(sp). This one, the date match column is not checked: 19 admin_new_name/sitemonitor_configure.php error_reporting(0) This is what is on line 19: 0019 $hackIgnoreList = array('jpg', 'jpeg','gif','png','txt','zip'); //don't check these types of files - change to your liking Also found a php file in images directory, but after checking, I have no such file there. Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted July 16, 2010 Author Share Posted July 16, 2010 Been having some issues with site and am not sure where the fix is yet. But that's another issue. So I manually checked for any hacked files. Found 43, but when looking at them I did not see anything our of the ordinary(sp). This one, the date match column is not checked: This is what is on line 19: 0019 $hackIgnoreList = array('jpg', 'jpeg','gif','png','txt','zip'); //don't check these types of files - change to your liking Also found a php file in images directory, but after checking, I have no such file there. The line numbers for the hackers file is one off due to the <?php line. If you go to the next line, it is probably the list of hacker codes the script is checking for. The code reads in the files directly from the server. It can't find one if it isn't there. Are you sure you are looking in the correct images directory? Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
blr044 Posted July 17, 2010 Share Posted July 17, 2010 The line numbers for the hackers file is one off due to the <?php line. If you go to the next line, it is probably the list of hacker codes the script is checking for. So this is what is on line 19 of /xxxxx/sitemonitor_configure.php: $hackCodeSegments = array('error_reporting(0)', 'base64_decode','<frame','gzdecode','eval','ob_start("security_update")'); //enter any hacker code that you would like to check for So is this normal? Thanks. Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted July 17, 2010 Author Share Posted July 17, 2010 So is this normal? Yes. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
blr044 Posted July 17, 2010 Share Posted July 17, 2010 Yes. Thanks Jack. Quote Link to comment Share on other sites More sharing options...
garba72 Posted July 23, 2010 Share Posted July 23, 2010 I installed this application but give me this error: Access Denied No Right Permission Access Please contact your Web Administrator to request more access or if you found any problem. The dir are set to 755 and file 644. I can't set 777 because my hosting don't permit. If I set 777 appair 500 internal server error. What could I do? Thank you Best regards Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted July 23, 2010 Author Share Posted July 23, 2010 I installed this application but give me this error: Access Denied No Right Permission Access Please contact your Web Administrator to request more access or if you found any problem. The dir are set to 755 and file 644. I can't set 777 because my hosting don't permit. If I set 777 appair 500 internal server error. What could I do? You shouldn't have to change the permissions but it sometimes happens with some hosts. There have been suggestions on how to get around that posted in this thread but you will probably need to ask your host for help. Some will - some won't. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
DannyS Posted July 25, 2010 Share Posted July 25, 2010 It seems that running Sitemonitor from admin and running it from a cron job are using different reference files. Has anyone else seen this as I get different results as the cron job compares to an earlier snapshot of the files and I have no idea where it has stored that reference file as it's not the one in admin. Could it be in a cache somewhere? Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted July 25, 2010 Author Share Posted July 25, 2010 It seems that running Sitemonitor from admin and running it from a cron job are using different reference files. Has anyone else seen this as I get different results as the cron job compares to an earlier snapshot of the files and I have no idea where it has stored that reference file as it's not the one in admin. Could it be in a cache somewhere? It should use the same file and the script doesn't use cache. My guess is that the path is not correct in the cron job and the reference file is being written to the home directory (servers home, not web home). You should check there to see if the file exists and, if it does, fix the cron syntax so the path is correct. Your host may need to help with that. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
ozstar Posted July 25, 2010 Share Posted July 25, 2010 Hi, I have just installed 2.5 with osc and on checking the files with the 'Manual check' button in admin, I see about 12 files and all but two say 'eval' I have looked at the files and cannot see where they have been hacked. I tried the 2nd button from the top check with deletion and I get this error.. Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING, expecting ')' in /home/sydneyto/public_html/catalog/admin/sitemonitor_configure.php on line 18 It have checked my install again, however I must have missed something. Thanks oz Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted July 25, 2010 Author Share Posted July 25, 2010 I have just installed 2.5 with osc and on checking the files with the 'Manual check' button in admin, I see about 12 files and all but two say 'eval' I have looked at the files and cannot see where they have been hacked. Perhaps reading the text beside that button will help? I tried the 2nd button from the top check with deletion and I get this error.. Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING, expecting ')' in /home/sydneyto/public_html/catalog/admin/sitemonitor_configure.php on line 18 The error is most likely caused by a mistake in the configure file. Maybe you overwrote an apostrophe or something like that. Try replacing the configure file and try it again. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
ozstar Posted July 25, 2010 Share Posted July 25, 2010 (edited) Many thanks, I replaced all files and redid the configure questions and this time it works fine. Never doubted your script, it comes with too much credability for that, however one's proof reading becomes rather suspect as one gets older and a little pointer is always gratefully accepted. After the first run I get this message is that correct? DELETED FILES: Found a deleted file named SIZE MISMATCH: Size differences not checked due to deleted file(s) TIME MISMATCH: Time differences not checked due to deleted file(s) PERMISSIONS MISMATCH: Permissions not checked due to deleted file(s) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Sitemonitor ran on July 26, 2010, 9:34 am Total mismatches found were 1034 Total files being monitored is 1 Also, below are the files which it list as hacker possibilities. I have checked them and renewed them but they still come up. In that case is it wise to exclude them? Thanks again. oz :-) 80 download.php eval 124 admin/configuration.php eval 1839 admin/easypopulate.php eval 211 admin/modules.php eval 1004 admin/php.ini error_reporting(0) 19 admin/sitemonitor_configure.php error_reporting(0) 471 admin/includes/classes/phplot.php eval 400 admin/includes/functions/general.php eval 56 admin/includes/javascript/calendarcode.js eval 75 admin/includes/javascript/spiffyCal/spiffyCal_v2_1.js eval 60 admin/includes/modules/newsletters/product_notification.php eval 76 includes/functions/compatibility.php eval 486 includes/functions/general.php eval 146 includes/languages/espanol.php Edited July 25, 2010 by ozstar Quote Link to comment Share on other sites More sharing options...
DannyS Posted July 26, 2010 Share Posted July 26, 2010 It should use the same file and the script doesn't use cache. My guess is that the path is not correct in the cron job and the reference file is being written to the home directory (servers home, not web home). You should check there to see if the file exists and, if it does, fix the cron syntax so the path is correct. Your host may need to help with that. Thanks Jack I can't access the servers home but I will see if through the Sitemonitor configuration it will delete the reference file in 1 day. The cron job path finds Sitemonitor OK, but the call to PHP is 5 directories deep. I will try calling Sitemonitor as a URL and see if then it behaves properly. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.