Jump to content
Jack_mcs

SiteMonitor

Recommended Posts

That is an invalid filename. SiteMonitor can't handle invalid filenames.

 

Appreciate your blazing fast response.

 

well, that may explain the mismatches. Also noticed that ser file had all

the boxes checked for permissions and trying to set it to 644 was futile

(at least it was from ftp).

 

Any advice regarding ser files and permissions?

 

Thanks,

jk

Share this post


Link to post
Share on other sites

Hi Jack,

v2.7

Hope all is excellent with you.

When using the 3rd Update button

(Manually Execute Sitemonitor)

getting numerous (36) messages like: (all in the phpids folder, btw)

permissions Mismatch on includes/phpids/lib/IDS/tmp/URI/4.1.1 Currently set to "0" was set to "327"

permissions Mismatch on includes/phpids/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer/CSS/4.1.0 Currently set to "0" was set to "22628"

 

not sure how to decipher Currently set to "0" was set to "327" (or the variations)

since I deleted the contents of the reference file and created a new one with the top button prior to clicking the 3rd button

so what is being compared

1. What is causing it to be set to 0?

2. Should it be reset to the original value?

3. Is this a sign of some skullduggery?

 

Thanks for helping me better understand,

jk

 

 

I am using PHPIDS and had a similar situation. See this thread in the PHPIDS forum, that should help explain.


I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

I am using PHPIDS and had a similar situation. See this thread in the PHPIDS forum, that should help explain.

 

Wow, you are just too incredible!

 

One last question

How do I add you to my Christmas List?

jk

Share this post


Link to post
Share on other sites

So busy reading the response, I failed

to notice the author, dunce that I am.

 

Thanks, altoid.

 

It is puzzling how those

.ser file values are changing when creating

a fresh reference file from an empty reference

file, and then immediately hitting

the 3rd button while on localhost.

Oh wait, those PHPIDS files have commas

in the file name and coincidently (in the case of one mismatch)

Currently set to "0" was set to "327"

the 327 happened to be the file size

so those mismatches might not be because of changing values,

so much as, site monitor readings being sidetracked by unexpected

punctuation.

And Jack mentioned those file names were invalid (comma-tose?)

so maybe, just maybe, this explains the anomaly.

Which in turn would certainly reduce my paranoia

about ghosts in the machine.

 

jk

Share this post


Link to post
Share on other sites

So busy reading the response, I failed

to notice the author, dunce that I am.

 

Thanks, altoid.

 

It is puzzling how those

.ser file values are changing when creating

a fresh reference file from an empty reference

file, and then immediately hitting

the 3rd button while on localhost.

Oh wait, those PHPIDS files have commas

in the file name and coincidently (in the case of one mismatch)

Currently set to "0" was set to "327"

the 327 happened to be the file size

so those mismatches might not be because of changing values,

so much as, site monitor readings being sidetracked by unexpected

punctuation.

And Jack mentioned those file names were invalid (comma-tose?)

so maybe, just maybe, this explains the anomaly.

Which in turn would certainly reduce my paranoia

about ghosts in the machine.

 

jk

 

That's a good observation. I am far from an expert on this but regardless of the cause, I think excluding those directories is the way to go for those using PHPIDS. So far so good for me anyway.


I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

That's a good observation. I am far from an expert on this but regardless of the cause, I think excluding those directories is the way to go for those using PHPIDS. So far so good for me anyway.

 

 

Unless, of course, an if then conditional could be added for those two folders only

that ignored the comma, thus still providing notification of any other signs of

infiltration. Or maybe I'm just being overly cautious or is that naive?

 

jk

Share this post


Link to post
Share on other sites

Have installed this and it's working great, running as a cron job daily.

 

Just one question...the file check email is sent to me as per the config settings but the hacked file email is going to the store owner email address (which isn't me).

 

Can I set a different email address for that cron job, and if so how?

Share this post


Link to post
Share on other sites

Have installed this and it's working great, running as a cron job daily.

 

Just one question...the file check email is sent to me as per the config settings but the hacked file email is going to the store owner email address (which isn't me).

 

Can I set a different email address for that cron job, and if so how?

You would have to change it in the sitemonitor_hacker_cron.php file.

Edited by Jack_mcs

Share this post


Link to post
Share on other sites

Well php isn't my forte but would changing

 

/*********************** SEND THE RESULTS **********************/

$subject = sprintf(TEXT_EMAIL_SUBJECT, $configuration['store_name'], $datestamp);

mail($config['email_address'], $subject, $results, $configuration['store_name']);

 

to

 

/*********************** SEND THE RESULTS **********************/

$subject = sprintf(TEXT_EMAIL_SUBJECT, $configuration['store_name'], $datestamp);

mail(MY_EMAIL_ADDRESS, $subject, $results, $configuration['store_name']);

 

work?

Share this post


Link to post
Share on other sites

Well php isn't my forte but would changing

Yes, that is correct. Be sure to enclose the email address in single quotes, like 'myemail@aol.com' .

Share this post


Link to post
Share on other sites

Hi all,

 

I've installed v2.7. Everything works but one thing.

 

I can't get the exclude list to exclude directories or files. I have searched this forum to no avail.

 

sitemonitor_configure.php is writing correctly and looks like the following:

 

<?php
/************** THE OPTIONS AND SETTINGS ****************/
$always_email = 0; //set to 1 to always email the results
$verbose = 1; //set to 1 to see the results displayed on the page (for when running manually)
$logfile = 1; //set to 1 to see to track results in a log file
$logfile_size = 100000; //set the maximum size of the logfile
$reference_reset = 3; //delete the reference file this many days apart
$quarantine = 0; //set to 1 to move new files found to the quarantine directory
$to = 'user@yourdomain.com'; //where email is sent to
$from = 'From: user@yourdomain.com'; //where email is sent from
$start_dir = '/home/user/public_html/'; //your shops root
$admin_dir = '/home/user/public_html/admin/'; //your shops admin
$admin_username = ''; //your admin username
$admin_password = ''; //your admin password
$excludeList = array('admin/quarantine', 'admin/quarantine', 'cgi-bin', 'admin/ckeditor', 'includes/modules/ultimate_seo_urls5/includes', 'images/banners', 'mail/2010-10-29'); //don't check these directories - change to your liking - must be set prior to first run
$hackIgnoreList = array('jpg', 'jpeg','gif','png','txt','zip'); //don't check these types of files - change to your liking
$hackCodeSegments = array('error_reporting(0)', 'base64_decode','<frame','gzdecode','eval','ob_start("security_update")', 'Goog1e_analist_up', 'eval(gzinflate(base64_decode', 'Web Shell', '@eval', ' header;', 'shell_exec', 'system','SetCookie'); //enter any hacker code that you would like to check for
?>

 

Incidentally sitemonitor_hacker_excludes.txt is not being written to during execution.

 

I have been through the instructions with a fine tooth comb.

 

If any others on the forum have overcome this issue, kindly reply.

 

Peace to all... ...

 

p.s.

Jack,

"Line" in sitemonitor_hacker_cron.php results shows one number less than actual (i.e. "Line 99" should be "Line 100")

and file missing ?> at end

Share this post


Link to post
Share on other sites

I can't get the exclude list to exclude directories or files. I have searched this forum to no avail.

What does this mean? Your exclude list entries show more than the default string has so it has been changed.

$start_dir = '/home/user/public_html/'; //your shops root

I assume your username is correct.

Incidentally sitemonitor_hacker_excludes.txt is not being written to during execution.

During execution of what? The list is updated when you save the confiugre file but not at any other time.

"Line" in sitemonitor_hacker_cron.php results shows one number less than actual (i.e. "Line 99" should be "Line 100")

and file missing ?> at end

Yes, I know, but thanks for mentioning it. That is because the file reader isn't taking the php delimiters into account.

Edited by Jack_mcs

Share this post


Link to post
Share on other sites

Hello Jack,

 

Thank you for your response. I hope I can resolve whether the issue is just me or not.

 

I assume your username is correct.

Yes, you're right that I haven't shown the actual user name in this forum, but it is correct in the actual file.

 

What does this mean? Your exclude list entries show more than the default string has so it has been changed.

During execution of what? The list is updated when you save the confiugre file but not at any other time.

My exclude list entries are writing to the sitemonintor_configure.php file but not to my sitemonitor_hacker_excludes.txt. Mistakenly I assumed the text file must be written to during cron's sitemonitor_hacker_cron.php execution, only because I didn't know otherwise and the date stamp never seemed to change so excuse my ignorance on how sitemonitor_hacker_excludes.txt works. I'm not concerned much with how it works unless its not working due to something I've missed. Though, at a desperate hour I did try writing to it manually to try to get sitemonitor_hacker_cron.php to exclude certain directories from its search, to no avail.

 

So that's my challenge, to have certain directories and files not shown in the email report from sitemonitor_hacker_cron.php. Of course perhaps other people have this aspect working and its just me and I don't realise it. Anyway, I've got site monitor installed on three different oscommerce websites and have the same difficulty on each site.

 

P.s. You've done a great job on this contribution.

Share this post


Link to post
Share on other sites

My exclude list entries are writing to the sitemonintor_configure.php file but not to my sitemonitor_hacker_excludes.txt. Mistakenly I assumed the text file must be written to during cron's sitemonitor_hacker_cron.php execution, only because I didn't know otherwise and the date stamp never seemed to change so excuse my ignorance on how sitemonitor_hacker_excludes.txt works. I'm not concerned much with how it works unless its not working due to something I've missed. Though, at a desperate hour I did try writing to it manually to try to get sitemonitor_hacker_cron.php to exclude certain directories from its search, to no avail.

 

So that's my challenge, to have certain directories and files not shown in the email report from sitemonitor_hacker_cron.php. Of course perhaps other people have this aspect working and its just me and I don't realise it. Anyway, I've got site monitor installed on three different oscommerce websites and have the same difficulty on each site.

No problem. I was just trying to understand the problem. The sitemonitor_hacker_excludes.txt is only written too when you run the hacker test in admin (bottom update button). You can check any files that displaying and then click the checkbox at the bottom of the page and those files will be listed in the file and will be ignored by the hacker cron job. Otherwise it will check everything. So the only files that can be excluded, from the program side, are suspected hacker files. You can edit the file manually and add whatever files you like. Just enter one filename per line. I'm not sure, off the top of my head, how the paths are entered but you can exclude some file in some directory and then check that file to find out. Be sure the USE_EXCLUDE_FILE option in the hacker cron file is set to true, which it is by default. Once you do that, it should work as you want.

P.s. You've done a great job on this contribution.

Thank you.

Share this post


Link to post
Share on other sites

Hi,

 

I installed this contribution, but there comes some errors:

 

Warning: opendir() [function.opendir]: open_basedir restriction in effect. File(/home/catalog4/) is not within the allowed path(s): (/home/my_user_name/:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp) in /home/my_user_name/public_html/catalog4/admin/includes/functions/sitemonitor_functions.php on line 392

 

Warning: opendir(/home/catalog4/) [function.opendir]: failed to open dir: Operation not permitted in /home/my_user_name/public_html/catalog4/admin/includes/functions/sitemonitor_functions.php on line 392

Error Your username is invalid. Please change it and try again.: System -> /home/my_user_name/public_html/catalog4/ - SiteMonitor -> /home/catalog4/

 

 

This "Your username is invalid" error comes when I click Admin in admin site, when I click Configure, there comes no "Your username is invalid" .

 

Could you please help what should I do to fix that problem and fix those errors ?

Share this post


Link to post
Share on other sites

Warning: opendir() [function.opendir]: open_basedir restriction in effect. File(/home/catalog4/) is not within the allowed path(s): (/home/my_user_name/:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp) in /home/my_user_name/public_html/catalog4/admin/includes/functions/sitemonitor_functions.php on line 392

That failure is probably due to the server setting for the open_basedir option. If you show the error to your host, they should understand what is needed to fix it.

Share this post


Link to post
Share on other sites

That failure is probably due to the server setting for the open_basedir option. If you show the error to your host, they should understand what is needed to fix it.

 

Thank you, my host made some fixes and now this is working ok.

 

But there comes this error when I Execute Sitemonitor and click Update button, result comes to my email but I think I have to chmod some folder, but which folder or do you know what is the reason for that error message: "Warning: copy(sitemonitor_log_29_12_2010.txt) [function.copy]: failed to open stream: Permission denied in /home/viinikau/public_html/catalog4/admin/includes/functions/sitemonitor_functions.php on line 213"

Share this post


Link to post
Share on other sites

Thank you, my host made some fixes and now this is working ok.

 

But there comes this error when I Execute Sitemonitor and click Update button, result comes to my email but I think I have to chmod some folder, but which folder or do you know what is the reason for that error message: "Warning: copy(sitemonitor_log_29_12_2010.txt) [function.copy]: failed to open stream: Permission denied in /home/viinikau/public_html/catalog4/admin/includes/functions/sitemonitor_functions.php on line 213"

The script has to be able to create/write/delete files and that error is saying that is not allowed. So you will need to go back to your host to get that fixed too.

Share this post


Link to post
Share on other sites

A new version has been uloaded with these changes:

 

- Added a check for the start directory to ensure it is not trying to load the complete server.

- Added javascript code to check the start directory on update.

- Added to hacker code segments checks as posted in the support thread.

- Added some usage notes to the readme file.

- Added code to close open files.

- Added code to change the servers settings for error reporting.

- Added code to check if the log and reference files can be written to.

- Added code to allow multiple instances of SiteMonitor to be ran.

- Added code for oscommerce 2.3.

- Fixed coding mistake introduced in last update that caused the admin name to be renamed.

- Fixed coding mistake introduced in last update that caused some messages to not show in the result email.

- Fixed minor problems like spelling mistakes and removed some code that wasn't being used.

 

Since this version drastically changes how the code works, I suggest installing it in a test shop first. I have tested it here and it works fine but that is not uncommon since I code using my test system.

 

Also, some of the changes may not work correctly on some servers and/or cause error messags to display. There are settings in the files to prevent that if needed but without knowing the problem, I can't really state beforehand what to change. They are not dangerous problems and won't cause any harm other than maybe preventing the script from running or displaying annoying messages. Testing should be done if in doubt though.

Share this post


Link to post
Share on other sites

Jack,

 

I installed the update from v2.7 to v2.8 and ran the top upgdate button and got this error in the left column just above "Site Monitor":

 

Notice: Use of undefined constant ENABLE_SSL - assumed 'ENABLE_SSL' in /home/.../catalog/admin/includes/functions/html_output.php on line 24

 

This error did not appear when I ran the update with v2.7.

 

Thanks,

Blaine

Share this post


Link to post
Share on other sites

I installed the update from v2.7 to v2.8 and ran the top upgdate button and got this error in the left column just above "Site Monitor":

 

Notice: Use of undefined constant ENABLE_SSL - assumed 'ENABLE_SSL' in /home/.../catalog/admin/includes/functions/html_output.php on line 24

 

This error did not appear when I ran the update with v2.7.

In admin/includes/sitemonitor_functions.php, change

$handleErrors = true;

to

$handleErrors = false;

Share this post


Link to post
Share on other sites

Also, the instruction to change the cron styntax from sitemonitor.php to sitemonitor_0.php refers to a file that is non-existant.

That is a mistake. It should say to change it from sitemonitor.php to sitemonitor.php&instance=0, or whatever number you have setup. The instructions in the main readme file is correct.

Share this post


Link to post
Share on other sites

In admin/includes/sitemonitor_functions.php, change

$handleErrors = true;

to

$handleErrors = false;

You must mean admin/includes/functions/sitemonitor_functions.php

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×