Jump to content
Jack_mcs

SiteMonitor

Recommended Posts

There's not an option to exclude files but there is a section of code where you can do that if you want. However, the problem with the log files is due to coding errors in the current version. In admin/includes/functions/sitemonitor_functions.php, find

(preg_match('/sitemonitor_log_(?P<digit>\d+).php/', $file, $matches)) ||

and change it to

(preg_match('/sitemonitor_log_(.*).txt/', $file, $matches)) ||

There still a problem somewhere for the second failure you are getting but I haven't had time to track it down.

 

Sorry for the stupid question, but what second failure do you mean? I changed what you told, and now Mismatches are no longer found, neither in sitemonitor_log_0.txt nor in sitemonitor_log_016_04_2011.txt.

Edited by here2learn

Share this post


Link to post
Share on other sites

Sorry for the stupid question, but what second failure do you mean? I changed what you told, and now Mismatches are no longer found, neither in sitemonitor_log_0.txt nor in sitemonitor_log_016_04_2011.txt.

That's the way that code should work. But I applied to a site and only the first message was ignored. I assumed there was some other problem since the fix didn't prevent it but maybe it was something to do with that site. As mentioned, I didn't have time to test it.

Share this post


Link to post
Share on other sites

I installed this contribution however, everytime i run it, with the "delete reference" it deletes my entire site!!?? any ideas?

Share this post


Link to post
Share on other sites

I installed this contribution however, everytime i run it, with the "delete reference" it deletes my entire site!!?? any ideas?

Be sure you don't have the quaranteen option enabled.

Share this post


Link to post
Share on other sites

Be sure you don't have the quaranteen option enabled.

 

Thanks Jack, I tried that too, however, still comes out with the same results.

Share this post


Link to post
Share on other sites

Thanks Jack, I tried that too, however, still comes out with the same results.

There's nothing in the code to delete files unless the quaranteen option is used so, if that is off, I've no idea how that could be happening.

Share this post


Link to post
Share on other sites

Hi. I've just installed sitemonitor and everything seems to be more or less ok. The only thing is, i'm getting an warning message in sitemonitor admin.....

 

WARNING: Your images directory contains non-image type files which is, generally, not correct.

catalog/images/get_product_image.php

 

The file in question is not hacked. It is used to display remote images on my site direct from my supplier.

 

Is there any way to get SiteMonitor to ignore this or is it something i'll just have to deal with?

 

Thanks in advance

Edited by pctekcomponents

Share this post


Link to post
Share on other sites

Hi. I've just installed sitemonitor and everything seems to be more or less ok. The only thing is, i'm getting an warning message in sitemonitor admin.....

 

WARNING: Your images directory contains non-image type files which is, generally, not correct.

catalog/images/get_product_image.php

 

The file in question is not hacked. It is used to display remote images on my site direct from my supplier.

 

Is there any way to get SiteMonitor to ignore this or is it something i'll just have to deal with?

 

Thanks in advance

There's not anything built into the code that will allow excluding such files. You could disable the code that checks for that, though I wouldn't recommend it.

Share this post


Link to post
Share on other sites

Great addition! But I'm getting the same error as stated before:

 

WARNING: Your images directory contains non-image type files which is, generally, not correct.

followed by two blank lines.

 

I've done a fresh install of OsC 2.3.1 and SiteMonitor 2.9 (with version checker). After solving the array error, I'm still getting this message. I've even emptied the images folder and still get this message... (!?) I know it has been mentioned before but so far I haven't seen a solution. Could it have anything to do with manually altering the code to solve the array error by changing

 

 $invalidFiles = array_merge(glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.php'),glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.txt'));

into

 

($invalidFiles = array_merge((array)glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.php'),(array)glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.txt'));)

Any suggestions are greatly appreciated.

Share this post


Link to post
Share on other sites

Hi all thanks for the contribu

 

Im having problems configuring it...where the contribu asks for Start Directory: im putting in our domain without the http://www. and still getting an erorr message 404 telling me I dont have permission to view this file....

 

what am not doing?

 

John

Share this post


Link to post
Share on other sites

hello Jack, thank you very much by your help and for this contribution, it is fantastic! :thumbsup: I hope that you excuse my English, I speak english very bad.

 

I'm using the last contribution for v2.2, SiteMonitor V 2.9.

I have a problem. The contribution is installed correctly and it is working well of way manual.

 

But, when I activate the function "quarantine", and a cron is executed, it does not eliminate the new files found, and it stops sending e-mails to me.

But, when I execute it manually, the new files are eliminated and begin it send e-mails.

 

I have tried wiht different commandos for the execution from cron. I have spoken with the support of my hosting, but I can not get that a new file goes to the folder automatically quarantine when the cron command is executed.

 

The command of cron that works in my hosting is this: /usr/local/php5/bin/php-cgi /usr/home/mi_dominio/www/admin/sitemonitor.php

 

Please, help me!!! it is very important for me.

A lot of thanks :)

Share this post


Link to post
Share on other sites

hello Jack, thank you very much by your help and for this contribution, it is fantastic! :thumbsup: I hope that you excuse my English, I speak english very bad.

 

I'm using the last contribution for v2.2, SiteMonitor V 2.9.

I have a problem. The contribution is installed correctly and it is working well of way manual.

 

But, when I activate the function "quarantine", and a cron is executed, it does not eliminate the new files found, and it stops sending e-mails to me.

But, when I execute it manually, the new files are eliminated and begin it send e-mails.

 

I have tried wiht different commandos for the execution from cron. I have spoken with the support of my hosting, but I can not get that a new file goes to the folder automatically quarantine when the cron command is executed.

 

The command of cron that works in my hosting is this: /usr/local/php5/bin/php-cgi /usr/home/mi_dominio/www/admin/sitemonitor.php

 

Please, help me!!! it is very important for me.

A lot of thanks :)

 

The hosting said me the following: Task of cron is working perfectly, but, when a new file is found, it is not found a necessary function so that the execution finalizes:

 

[sat May 14 17:41:02 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/my_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 233

 

[sat May 14 17:45:02 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/my_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 233

 

[sat May 14 17:46:01 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/my_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 233

Share this post


Link to post
Share on other sites

Jack,

 

Thank you for your great contribution. I do appreciate it, and i am sure some others do as well.

 

I am a newbie in this OScommerce, and trying to install your contribution on to my site. But, as usual, nothing goes smooth in this life until the problems had been fixed. I had done some research and some readings on how to fix it, but i just want to reconfirm again to make sure this newbie myself is doing the correct thing.

 

Do you mind to be so kind to give me some comments or some advice on my following questions... or, maybe some friendly strangers who accidentally read this message would be so kind to help, please...

 

For your info, i am using OSCOMMERCE 2.3.1 with your Site Monitor v2.9

Also, i am installing this into a test store with the standard original oscommerce template, and i havent added any new products yet other than those ones came with the OSCOMMERCE 2.3.1

 

CASE ONE

After installation on Sitemonitor, I arrive at the step 6 of your manual [asking me to go to the following page --> Go to admin->Sitemonitor->Admin

I received a Warning message : admin name should not be admin...

 

The path i took to solve it : i changed the admin directory name to NEWADMIN name, and i also change two lines in the NEWADMIN/includes/configure.php

 

define('DIR_WS_ADMIN', '/NEWADMIN/');

define('DIR_FS_ADMIN', '/your/path/to/directory/NEWADMIN/');

 

Since I have done that, I understand that my new login page would be http://domain_name.com/NEWADMIN instead of http://domain_name.com/admin

 

This solve my problems, but I ended up with 2 questions on my mind. (These 3 questions might be a general OSCOMMERCE questions, but since this happened after the installation. I think i'd give it a go to ask the questions here)

Q1) Is that the only configure.php files i need to modified. If not, any idea which other configure.php files i need to modified?

Q2) Since I had rename the admin directory to NEWADMIN. That means in the future, when i want to install other contributions, and if that certain contribution asked me to copy certain files into admin directory. This means i have to copy those files to NEWADMIN directory of mine, instead of creating a new directory name admin. Am I correct?

 

 

CASE TWO

Still at Step 6, as per your manual, it was stated...

 

Step 6: Go to admin->Sitemonitor->Admin and click the top button. A message should

be displayed saying that the file was ran for the first time. Then click

on the second or third button to actually run a test. A "No mismatches found"

message should be displayed. If not, something is wrong with the installation.

 

Everytime I clicked on the first button, I received the following message :

 

sitemonitor_reference_0.php has been deleted!

First time ran. Reference file was created and saved.

 

Q3) I received that message everytime I click on the 1st button. I assume I am doing the correct thing here, right? I am just a bit confused with the message of First time ran, eventough i have clicked that button for 3+ times.

 

 

I clicked on the second update button. It gave me the results of the following

 

1 mismatches were found. Run the script manually or see the email for the actual mismatches.

 

Q4) I got 1 mismatch shown. Is something wrong with my installation? As per your guide, I should received "No Mismatched Found"

 

 

I click on the third update button. It gave me the following output.

 

No new files found...

No deleted files found...

Difference found: New-> admi123ok/sitemonitor_log_0.txt 111824 Original-> 111649

Difference found: New-> admi123ok/sitemonitor_log_016_05_2011.txt 111824 Original-> 111649

Time Mismatch on admi123ok/sitemonitor_log_0.txt Last Changed on Monday, 16 May 2011 13:20:10 GMT

Time Mismatch on admi123ok/sitemonitor_log_016_05_2011.txt Last Changed on Monday, 16 May 2011 13:22:09 GMT

No permissions mismatches found...

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sitemonitor (0) ran on May 16, 2011, 9:22 am

Total mismatches found were 4

Total files being monitored is 972

Email sent to shop owner.

 

 

Q5) Again, I am confused. I got 4 mismatches here. Is there something wrong with my installation? Should it be a "No Mismatch" ?

 

 

Lastly, I clicked on the last button, and it shows me the following together with a table [which i am not showing here]...

 

Checked 100 directories containing a total of 640 files. Skipped 329 files. 27 suspected hacked files found.

 

Q6) I assume all of those are just suspected files. and I have to keep and eye and checked it. Am I correct? I say this based on your manual that shown on the quote below.

 

- The hacker test lists files that "may be" hacked files. The hackers use

code that legitimate in some oscommerce files so it is not possible to say

for sure if the file found is infected or not from within the program. If

you are in doubt, compare your file with a known good one.

 

- In general, a hacker will usually add their code at the very beginning (first

or second line) or the very end (last line) of a file. That is because if they

add it in the middle, they can't be sure it will work since the code they insert

it into may be conditional code. This isn't a hard and fast rule but it is almost

always the case, in my experience. So if you see a file in the hacker test list

and the line number is greater than 2 and less than the total number of lines in

the file (you would need to click on the file name to verify that), then the file

is probably OK.

 

Q7) On the table list which is not showing here, i have got a RED COLOUR which means it is higher probability of it being a hacker file... which is as follow:

 

Ref = untick

Line = 18

File = NEWADMIN/sitemonitor_configure_0.php

Hacker Code = error_reporting(0)

Dates Match = untick

 

0001 <?php

0002 /************** THE OPTIONS AND SETTINGS ****************/

0003 $always_email = 1; //set to 1 to always email the results

0004 $verbose = 1; //set to 1 to see the results displayed on the page (for when running manually)

0005 $logfile = 1; //set to 1 to see to track results in a log file

0006 $logfile_size = 100000; //set the maximum size of the logfile

0007 $logfile_delete = 30; //set of days to wait before a previous log file is deleted - leave blank to never delete

0008 $reference_reset = 3; //delete the reference file this many days apart

0009 $quarantine = 0; //set to 1 to move new files found to the quarantine directory

0010 $to = 'queries@yangscreation.com'; //where email is sent to

0011 $from = 'queries@yangscreation.com'; //where email is sent from

0012

0013 $start_dir = '/hermes/web10/b1366/pow.tjiyang/htdocs/yangscreation/subdomain_store/'; //your shops root

0014 $admin_dir = 'http'; //your shops admin

0015 $admin_username = ''; //your admin username

0016 $admin_password = ''; //your admin password

0017 $excludeList = array('admin/quarantine', 'cgi-bin','admin'); //don't check these directories - change to your liking - must be set prior to first run

0018 $hackIgnoreList = array('jpg', 'jpeg','gif','png','txt','zip'); //don't check these types of files - change to your liking

0019 $hackCodeSegments = array('error_reporting(0)', 'base64_decode','<iframe','gzdecode','eval','ob_start("security_update")', 'Goog1e_analist_up', 'eval(gzinflate(base64_decode', 'Web Shell', '@eval', ' header;', 'shell_exec', 'system','SetCookie','Meher Assel', 'nt02', '<script src','r57shell'); //enter any hacker code that you would like to check for

0020 ?>

 

My question is .. Even this is RED COLOUR, but it seems like to me not a hacked file, based on the php lines shown on the above quote. Am I correct?

 

Jack, or maybe anyone out there, mind to be so kind to provide me some comments and answer/advise on my 7 questions above, please. Thank you and much appreciated.

Share this post


Link to post
Share on other sites

Great addition! But I'm getting the same error as stated before:

 

WARNING: Your images directory contains non-image type files which is, generally, not correct.

followed by two blank lines.

 

I've done a fresh install of OsC 2.3.1 and SiteMonitor 2.9 (with version checker). After solving the array error, I'm still getting this message. I've even emptied the images folder and still get this message... (!?) I know it has been mentioned before but so far I haven't seen a solution. Could it have anything to do with manually altering the code to solve the array error by changing

 

 $invalidFiles = array_merge(glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.php'),glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.txt'));

into

 

($invalidFiles = array_merge((array)glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.php'),(array)glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.txt'));)

Any suggestions are greatly appreciated.

It must be returning something even though nothing is there. Perhaps the version of php your hsot uses has a problem with the glob call? I would hve to see the problem and troubleshoot the code to find the exact reason so this isn't something I can solve here.

Share this post


Link to post
Share on other sites

Hi all thanks for the contribu

 

Im having problems configuring it...where the contribu asks for Start Directory: im putting in our domain without the http://www. and still getting an erorr message 404 telling me I dont have permission to view this file....

 

what am not doing?

If you type something in and click update, an error should popup showing what it should be.

Share this post


Link to post
Share on other sites

The hosting said me the following: Task of cron is working perfectly, but, when a new file is found, it is not found a necessary function so that the execution finalizes:

 

[sat May 14 17:41:02 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/my_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 233

 

[sat May 14 17:45:02 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/my_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 233

 

[sat May 14 17:46:01 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/my_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 233

That is usuallt due to the path not being correct in the cron job. I can't say what will work for your server since it is specific to it but you may need to cd to the directory first. Something like

 

 

cd /usr/home/mi_dominio/www/admin/; /usr/local/php5/bin/php-cgi -c /usr/home/mi_dominio/www/php.ini -q /usr/home/mi_dominio/www/admin/sitemonitor.php

 

You will have to check with your host for the exact syntax.

Share this post


Link to post
Share on other sites

That is usuallt due to the path not being correct in the cron job. I can't say what will work for your server since it is specific to it but you may need to cd to the directory first. Something like

 

 

cd /usr/home/mi_dominio/www/admin/; /usr/local/php5/bin/php-cgi -c /usr/home/mi_dominio/www/php.ini -q /usr/home/mi_dominio/www/admin/sitemonitor.php

 

You will have to check with your host for the exact syntax.

 

 

I checked with my host that I've mentioned, but unfortunately still not working properly. We tried different commands:

I changed this,(h77p = http) so that not a link. :-"

 

/usr/bin/wget -q -O /dev/null h77p://www.mi_dominio.com/admin/sitemonitor.php?instance=0

 

/usr/bin/wget -q -O /dev/null h77p://www.mi_dominio.com/admin/sitemonitor.php

 

/usr/bin/wget -q -O /dev/null h77p://www.mi_dominio.com/admin/sitemonitor.php?instance=0

 

/usr/bin/wget -q -O /dev/null h77p://www.mi_dominio.com/admin/sitemonitor.php&instance=0

 

/usr/local/php5/bin/php-cgi /usr/home/mi_dominio/www/admin/sitemonitor.php&instance=0

 

/usr/local/php5/bin/php-cgi /usr/home/mi_dominio/www/admin/sitemonitor.php?instance=0

 

/usr/local/php5/bin/php-cgi /usr/home/mi_dominio/www/admin/sitemonitor.php

 

But it still produces the same error

 

[warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/mi_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 233

 

The host asked me if you can run directly in the browser like this:

http://www.mi_dominio.com/admin/sitemonitor.php

 

thanks Jack_mcs

Share this post


Link to post
Share on other sites

The host asked me if you can run directly in the browser like this:

http://www.mi_dominio.com/admin/sitemonitor.php

Yes, it can be ran like that. Also, the third update button allows the same thing.

Share this post


Link to post
Share on other sites

Hello Jack_mcs, thank you very much for your help.

 

I keep having the same problem.

When I run it from the browser, detects a new file, but although I have checked the box to send to the quarantine folder, the new file remains in the same folder and not moved to the quarantine folder.

 

The host asked me if possible that we need to enter the name and password for the admin somewhere. Or perhaps change the paths in the files themselves.

 

I attached a picture with my settings to see if it is correct.

 

I beg you to help me again, I would really like SiteMonitor work properly.

 

SiteMonitor.png

Share this post


Link to post
Share on other sites

I keep having the same problem.

When I run it from the browser, detects a new file, but although I have checked the box to send to the quarantine folder, the new file remains in the same folder and not moved to the quarantine folder.

 

The host asked me if possible that we need to enter the name and password for the admin somewhere. Or perhaps change the paths in the files themselves.

The code expects the quarantine directory to be admin and have the correct permissions. Other than that, nothing else should be necessary. Try this to see where the problem is at. Create a file named movetest.php and insert the following into it

<?php
$src = '../aaa.php';
$dest = 'quarantine/aaa.php';
echo (rename($src, $dest) ? 'moved' : 'not moved');

Change the aaa.php in the above to some valid file name in the root or create a new file with that name. Go to admin andchange the url to ...admin/movetest.php. If the move fails, your host can use that to troubleshoot the problem.

Share this post


Link to post
Share on other sites

I tried this. I made a file called movetest.php and I put it in the folder /admin/ and ran it from the browser... it has deleted the file and has gotten into the folder /quarantine/ OK...

the host does not know say to me, all they say is that there is an error.

 

The error is this:

 

[Tue May 24 17:24:02 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/mi_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 264

 

I do not know what else to do Jack_mcs ... I'm desperate

:'(

Share this post


Link to post
Share on other sites

The error is this:

 

[Tue May 24 17:24:02 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/mi_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 264

 

I do not know what else to do Jack_mcs ... I'm desperate

:'(

Unfortunately, this is one of those problems that cannot be handled in a support thread. You can try posting in the general support forum. You may get lucky and find someone willing to go through the code with you. Otherwise, you will need to pay someone to fix it for you.

Share this post


Link to post
Share on other sites

Unfortunately, this is one of those problems that cannot be handled in a support thread. You can try posting in the general support forum. You may get lucky and find someone willing to go through the code with you. Otherwise, you will need to pay someone to fix it for you.

 

it's ok, in any case thank you very much for your help and effort Jack_mcs

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×