Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SiteMonitor


Jack_mcs

Recommended Posts

If someone is able to hack into your site, they can alter your files to send them your customers information. I've seen this happen several times, thus the genesis of this contribution. This contribution will create a record of your files so that they can be checked at a later date. If any files have been added or deleted, or the size, timestamp or permissions were changed, you are notified via email. The script can be ran manually, but the best way is to set up a cron job so that the files are checked automatically.

 

The contribution can be found here.

 

Jack

Edited by Jack_mcs

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

I've installed this contribution.But getting this errors:

 

Warning: fopen(sitemonitor_reference.php): failed to open stream: Permission denied in /home/rezolles/public_html/admin/sitemonitor_functions.php on line 94

Warning: fwrite(): supplied argument is not a valid stream resource in /home/rezolles/public_html/admin/sitemonitor_functions.php on line 106
Cannot write to file (sitemonitor_reference.php)

 

Hope someone will solve my problems.

Link to comment
Share on other sites

It looks like a server setting is preventing the code from creating the file. If you haven't tried to run it manually, do that (http://www.yoursite.com/admin/sitemonitor.php). If it still can't write, ask your host to see what settings they have that is preventing it.

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

So if you at some point change a file on purpose, will it email you everytime it checks or only the first time finds the mismatch?

 

Im assuming you could just delete the site_reference.php file after you add a new file to 'reset' what everything is compared to?

Link to comment
Share on other sites

So if you at some point change a file on purpose, will it email you everytime it checks or only the first time finds the mismatch?
It emails everytime.
Im assuming you could just delete the site_reference.php file after you add a new file to 'reset' what everything is compared to?
That is correct. I thought about adding an admin section that would allow you to recreate the reference file, set the path and so on but I was trying to keep it simple. If there are a lot of requests for that option, I will add that code.

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Jack,

 

Thanks for this contrib I installed it as soon as I found out about it. When I ran http://www.mysite.com/admin/sitemonitor.php a blank page shows I dont know if its supposed to do this or not thats why I am asking.

 

Also where you change the absolute path to your own

/home/bob/public_html/admin

change the setting to

/home/bob/public_html

I am assuming you only do this once.

 

Thank you,

Eric

Link to comment
Share on other sites

Jack,

 

Sorry I should have read the file a little better. I found that you had to change the 0 to a 1 to display the results on the page when you run it manually.

 

I get these results, are they good or bad?

No new files found...

No deleted files found...

Difference found: New-> error_log 7289753 Original-> 7275493

Time Mismatch on error_log Last Changed on Saturday, 05 Aug 2006 20:43:51 GMT

No permissions mismatches found...

Email sent to shop owner.

 

Thanks again,

Eric

Link to comment
Share on other sites

The error log changing is usually normal. It won't always change but could. It can probably be safely ignored since it is a write only file. If someone hacked your site and made code changes, it would be unlikely for them to change that file. Otherwise the results you got are what you want to se. To test it, try uploading some file to your shop. Be sure it is one you don't need. Maybe upload it as zzz.php. When the script runs again you should see that file in your message. Be sure to delete the file when you are done.

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Great contrib, so easy to install too. One question when I add a example file to the admin section of the store it doesn't pick it up but it does in the root, eg it'll pick up store/zzz.php but not store/admin/zzz.php is that a problem my end or is the contrib not supposed to pick up new store/admin/ files

 

Thank you.

Link to comment
Share on other sites

Great contrib, so easy to install too. One question when I add a example file to the admin section of the store it doesn't pick it up but it does in the root, eg it'll pick up store/zzz.php but not store/admin/zzz.php is that a problem my end or is the contrib not supposed to pick up new store/admin/ files

 

Thank you.

 

what do you mean?

Link to comment
Share on other sites

Great contrib, so easy to install too. One question when I add a example file to the admin section of the store it doesn't pick it up but it does in the root, eg it'll pick up store/zzz.php but not store/admin/zzz.php is that a problem my end or is the contrib not supposed to pick up new store/admin/ files

 

Thank you.

Edit the sitemonitor.php file and remove admin from this string. Be sure to remove the quotes and comma associated with it. Then delete the sitemonitor_reference.php file.
 $excludeList = array("cgi-bin","admin","downloads","images","pub","tmp","temp");  //don't check these directories - change to your liking - must be set prior to first run

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

I've installed this contribution.But getting this errors:

 

Warning: fopen(sitemonitor_reference.php): failed to open stream: Permission denied in /home/rezolles/public_html/admin/sitemonitor_functions.php on line 94

Warning: fwrite(): supplied argument is not a valid stream resource in /home/rezolles/public_html/admin/sitemonitor_functions.php on line 106
Cannot write to file (sitemonitor_reference.php)

 

Hope someone will solve my problems.

maybe chmod of admin-dir prevents this from being created!

create a txt file and rename it to sitemonitor_reference.php -> copy this to your /admin and then chmod this file to 777. then it should work.

Edited by Sir.K.O.
Link to comment
Share on other sites

Just think before writing :o

 

I got the same error as Rezolles_net -> Here's the working solution!

 

1. DON'T create the file sitemonitor_reference.php manually!! you already did? delete it!

2. chmod your admin directory with 777 but DON'T chmod the files within! just the directory!

3. run the script to generate the sitemonitor_reference.php

4. use the script regular as cronjob and watch bad things happen ;)

 

if you use daily automated updates for products, you may add "images" folder to exclude list or you will get mails every day when new pictures where added -> but also good option to see if it works ;)

Link to comment
Share on other sites

Just think before writing :o

 

I got the same error as Rezolles_net -> Here's the working solution!

 

1. DON'T create the file sitemonitor_reference.php manually!! you already did? delete it!

2. chmod your admin directory with 777 but DON'T chmod the files within! just the directory!

3. run the script to generate the sitemonitor_reference.php

4. use the script regular as cronjob and watch bad things happen ;)

 

if you use daily automated updates for products, you may add "images" folder to exclude list or you will get mails every day when new pictures where added -> but also good option to see if it works ;)

 

Thanks..it's working

 

Lol...you have to update your instructions... >_<

Link to comment
Share on other sites

I have to block out my admin directory or the script times out. Is there a way to specify not to scan certain folders within the admin directory, such as images, so that we can scan the other php files in admin and not timeout?

 

Would something like this work? :

$excludeList = array("cgi-bin","admin/images","downloads","images","pub","tmp","temp");

Edited by Sid04
Link to comment
Share on other sites

It should but I never tested it. You can try it though. Just delete your reference file and run it from admin. If it runs and your reference file has valid entries, then you are all set.

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

What I posted above does work, just FYI.

 

Question for you though. I can use the above and scan my admin directory minus the images folder.....all works fine. I can then run the sitemonitor.php file and it runs very quickly, but if I add a small text file on the server(just a test file so it can find something different) it times out. Why does it run SO fast if no files have changed but time out if anything has changed?

Link to comment
Share on other sites

When a new file is added a different section of code is used to check for changes. This other section requires several passes to be made to find the changes. If the number of files being checked are large then it might time out on you. You would need to limit the files a little more until it will run without timing out. It is a server limitation and there is no easy way to code around that, other than limiting the size of the reference file.

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...