Jump to content
Jack_mcs

SiteMonitor

Recommended Posts

It says: Warning: chmod() [function.chmod]: Operation not permitted in /home/xxxxx/public_html/admin/includes/functions/sitemonitor_functions.php on line 597

Cannot change the mode of file (/home/xxxxx/public_html/admin/sitemonitor_configure_0.php)

That error occurs when the code checks to see if the file is writeable and, if not, tries to change the permissions. Your server is setup not to allow that. You can try setting the permissions to writeable (the same as those on the images directory in the root) but it will probably fail again for some other file. The correct fix is to have your host change the settings to allow the admin files to be written to. Some will - some won't.

Share this post


Link to post
Share on other sites

Hi.

 

on a 2.2rca shop I've just installed the latest 2.9 SiteMonitor. And every time I try to run the first configuration I end up beeing banned most likely by the IP Trap 5.2

 

First: I have not installed http://addons.oscommerce.com/info/7509 as mentioned before in this thread.

 

I have OSC_SEC and Security Pro 2.07 installed.

 

back to the problem:

 

In 1st configuration I try to exclude the folders 'admin', 'personal', and just to be sure some more. This works only by adding those folders manually as I get banned when I select those folders from the drop down.

 

Again: As soon as I click update => I get banned and nothing is saved of course.

 

I searched this thread as good as I can, could not find a solution to this.

 

Can someone give me a hint where to look at?

 

Thank you

Share this post


Link to post
Share on other sites

Hi.

 

on a 2.2rca shop I've just installed the latest 2.9 SiteMonitor. And every time I try to run the first configuration I end up beeing banned most likely by the IP Trap 5.2

 

First: I have not installed http://addons.oscommerce.com/info/7509 as mentioned before in this thread.

 

I have OSC_SEC and Security Pro 2.07 installed.

 

back to the problem:

 

In 1st configuration I try to exclude the folders 'admin', 'personal', and just to be sure some more. This works only by adding those folders manually as I get banned when I select those folders from the drop down.

 

Again: As soon as I click update => I get banned and nothing is saved of course.

 

I searched this thread as good as I can, could not find a solution to this.

 

Can someone give me a hint where to look at?

 

Thank you

 

 

Well, it seems that its not IP Trap Contribution that is causing that error, but OSC_SEC.

 

"REASON FOR BAN: postShield() listed item is banned: eval(. "

 

 

Is there anything I can do except uninstalling OSC_SEC?

Share this post


Link to post
Share on other sites

Hi.

 

on a 2.2rca shop I've just installed the latest 2.9 SiteMonitor. And every time I try to run the first configuration I end up beeing banned most likely by the IP Trap 5.2

 

First: I have not installed http://addons.oscommerce.com/info/7509 as mentioned before in this thread.

 

I have OSC_SEC and Security Pro 2.07 installed.

 

back to the problem:

 

 

I believe you'll find this is occurring because of osc_sec being installed. Over in that support thread, this issue is discussed. I am using both and posted my work around over there.

 

See that discussion starting here


I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

See that discussion starting here

 

 

Thank You altoid!

 

I was just to focused on Site Monitor so I did not check the OSC_SEC support thread.

 

Yes, changing the sitemonitor_configure_0.php file by hand and then upload it solves the problem.

 

Thank you

Share this post


Link to post
Share on other sites

I seem to recall someone else mentioning the email problem. I forgot to add that to the list of changes. I'll do that with the next version. But in the meantime, you can edit the hacker file. Change

mail($config['email_address'], $subject, $results, $configuration['store_name']);

to

mail('your_address@aol.com', $subject, $results, $configuration['store_name']);

Thanks for mentioning the mistake with the file.

 

 

I am not sure, but I think my question may be related to the above quoted post. (The portion of it that relates to the exclude file)

 

 

When I run the "Manually Check for Hacked Files" from site monitor admin and then go to the results page and check the "Exclude" (second column from the right) and also on the very end of the list check the "Overwrite Exclude File: Create a new exclude file, if checked, or add to the existing one."

 

=> and then hit "update"

 

The next screen remains blank. If I use browsers return button it sends the form again. I tried with latest firefox and safari browsers.

 

I checked the file "sitemonitor_hacker_excludes.txt" and it is still empty.

 

I renamed the file to "sitemonitor_hacker_excludes0.txt" (see above quote) run site monitor again and the file is still empty.

 

I gave 755 permissions on that file, just to try. The file remains empty.

 

 

In site monitor admin I can not check the "Use Exclude File: Use the exclude file, if present, to filter the results." The checkbox seems to be inactiv prior to running manual check.

 

Could it be that this occurs as a consequence to my first problem and the manual edit of the site monitor configuration file?

 

Can anyone help me with this one?

Thank you.

Tom

Edited by Tom172

Share this post


Link to post
Share on other sites

In site monitor admin I can not check the "Use Exclude File: Use the exclude file, if present, to filter the results." The checkbox seems to be inactiv prior to running manual check.

 

Could it be that this occurs as a consequence to my first problem and the manual edit of the site monitor configuration file?

 

Can anyone help me with this one?

Thank you.

Tom

There's nothing in the SiteMonitor code that will prevent the checkbox from being active so it must be due to your setup.

Share this post


Link to post
Share on other sites

to post an update:

 

Without any success I tried to change sitemonitor_admin.php in the following lines

 

  /********************** END CHECK COMMON SECURITY HOLES *********************/

 $fileDeleted = false;
 $foundErrors = 0;
 $hackedFiles = array();
 $hackedFiles = array();
 $hackedResult = false;
 $showErrors  = 0;
 $useExcludeFile = '1';   //if enabled, code will use the disk file with stored files in the hacker file search
 $overwriteExcludeFile = ''; //if enabled, a new hacker exclude list will be built

 $actionDelete  = (isset($_POST['action_delete']) ? $_POST['action_delete'] : false);
 $actionExecute = (isset($_POST['action_execute']) ? $_POST['action_execute'] : false);
 $actionManual  = (isset($_POST['action_manual']) ? $_POST['action_manual'] : false);
 $actionHackerCheck = (isset($_POST['action_hacker_check']) ? $_POST['action_hacker_check'] : false);
 $actionHackerExclude = (isset($_POST['action_hacker_exclude']) ? $_POST['action_hacker_exclude'] : false);
 $action = (isset($_POST['action']) ? $_POST['action'] : false);

 if (tep_not_null($action))  {
     /********************** CHECK THE VERSION ***********************/

 

changed only that line:

 

$useExcludeFile = ''; //if enabled, code will use the disk file with stored files in the hacker file search

 

to:

 

$useExcludeFile = 1; //if enabled, code will use the disk file with stored files in the hacker file search

 

 

it still does not write to that file, or create a new one.

 

 

However the system does create the log files and reference files as it is supposed to.

 

The question now is: why does it not use the exclude file?

Share this post


Link to post
Share on other sites

There's nothing in the SiteMonitor code that will prevent the checkbox from being active so it must be due to your setup.

 

I could not activate the checkbox with a mouse click while browsing admin file. However when I entered a '1' into sitemonitor admin . php file directly it became accessible.

Share this post


Link to post
Share on other sites

I could not activate the checkbox with a mouse click while browsing admin file. However when I entered a '1' into sitemonitor admin . php file directly it became accessible.

 

and I just checked: checkboxes in general work everywhere else in admin as well as on catalog side.

Share this post


Link to post
Share on other sites

ok. another try to narrow it down. Just did a new install, new setup.

 

on admin screen

 

1. hit delete and create new reference file => works (does create a new file that I can see via ftp)

 

2. hit "execute sitemonitor" => works, shows "Run Sitemonitor. Reference file is not deleted. No mismatches found"

 

3. hit "Manually Execute Sitemonitor" => works, get new screen showing:

 

No new files found...

No deleted files found...

Difference found: New-> myadminfolder/sitemonitor_log_0.txt 257068 Original-> 256995

Time Mismatch on myadminfolder/sitemonitor_log_0.txt Last Changed on Sunday, 21 Aug 2011 14:58:46 MET

No permissions mismatches found...

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sitemonitor (0) ran on August 21, 2011, 5:00 pm

Total mismatches found were 2

Total files being monitored is 2519

Email sent to shop owner.

 

and have receive the admin email.

 

 

4. hit "Manually Check for Hacked Files" (unchecked checkbox for use exclude file, as it is most likely empty)

 

=> hit update get a new page with the results, telling me that:

 

"Checked 191 directories containing a total of 1405 files. Skipped 1123 files. 77 suspected hacked files found. "

 

Now, I would like to add those "suspected hacked files" to the exclude file as I don´t think they are actually hacked.

 

 

=> check the very first checkbox in the exclude column which activates all other exclude checkboxes,

 

=> check the "Overwrite Exclude File: " checkbox, as I already know that it is capable of creating a new file,

 

=> hit update

 

=> get a new blank screen. If I use brower´s back button it´ll resend the form

 

go to ftp, check the file sitemonitor_hacker_excludes_.txt = still 0kb still nothing in there

 

go back to admin screen doing the same again (but this time checked the box for use of exclude file

 

=> and again get the same "77 suspeckted hacked files"

 

 

I just don´t understand why your system would just work fine with those functions: delete/create reference fild, run site monitor, check for hacked files, but would fail with that addition of files to the exclude file, if I messed something up during installation.

 

 

 

Just want to add the following:

 

I just checked my providers log files and obviously something tries to create and open that file: "sitemonitor_hacker_exclude"

 

 

However!

 

1) the file is called "sitemonitor_hacker_exclude" at action "create" but it is called "sitemonitor_hacker_excludes_" (see the last "s") at action "open"

 

=> does it have two different names by any reason?

 

 

 

2) the file extension ".txt" is missing on both instances of the logfile, where the logfile for example shows the file extension where e.g. "sitemonitor_log_0.txt" is involved in an action.

 

 

 

As I have stated above: this is a fresh install of your contribution. I have not made any changes to your files other than to the configuration file.

Edited by Tom172

Share this post


Link to post
Share on other sites

1) the file is called "sitemonitor_hacker_exclude" at action "create" but it is called "sitemonitor_hacker_excludes_" (see the last "s") at action "open"

=> does it have two different names by any reason?

 

2) the file extension ".txt" is missing on both instances of the logfile, where the logfile for example shows the file extension where e.g. "sitemonitor_log_0.txt" is involved in an action.

 

As I have stated above: this is a fresh install of your contribution. I have not made any changes to your files other than to the configuration file.

1) ones a form field and ones a file name. They don't have anything to do with each other.

 

2) The file extension is added in the code. i can't say why it doesn't get added in your case though.

Share this post


Link to post
Share on other sites

1) ones a form field and ones a file name. They don't have anything to do with each other.

 

2) The file extension is added in the code. i can't say why it doesn't get added in your case though.

 

 

o.k.

thanks anyway! and sorry for posting all that spam in your thread ;)

tom

Share this post


Link to post
Share on other sites

For those of you using osc_sec, please try this change to fix the blocking issue. In includes/osc_sec.php, find

  function postShield( ) {
   if ( ( !isset( $_POST ) ) || ( $_SERVER[ "REQUEST_METHOD" ] !== "POST" )
                             || ( false === ipBypass() ) ) {
   return;
   } else {

and replace it with

  function postShield( ) {
   if ( ( !isset( $_POST ) ) || ( $_SERVER[ "REQUEST_METHOD" ] !== "POST" )
                             || ( false === ipBypass() ) ) {
   return;
   } else if (strpos($_SERVER['SCRIPT_FILENAME'], 'sitemonitor_configure_setup.php') === FALSE) {

Share this post


Link to post
Share on other sites

For those of you using osc_sec, please try this change to fix the blocking issue. In includes/osc_sec.php, find....

 

Jack, I tested this on one of my 2.2 shops that has osc_sec installed. Before the mod...banned. After the mod, worked fine.

 

In this shops case I have osc_sec configured to work with Fimble's IP block option that is in there.

 

I didn't test it with the method that blocks via .htaccess though.

 

Thanks


I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

Jack, I tested this on one of my 2.2 shops that has osc_sec installed. Before the mod...banned. After the mod, worked fine.

 

In this shops case I have osc_sec configured to work with Fimble's IP block option that is in there.

 

I didn't test it with the method that blocks via .htaccess though.

 

Thanks

Thanks for letting me, and others, know. It's good to know it works, at least for the parts you tested.

Share this post


Link to post
Share on other sites

Thanks for letting me, and others, know. It's good to know it works, at least for the parts you tested.

 

You are welcome, I brought this to Taipo's (author of osc_sec) attention for consideration as well.

 

Thanks


I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

In the next release of osC_Sec coming out next week sometime, I will code in a bypass for sitemonitor uses.


- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Share this post


Link to post
Share on other sites

The latest version of osC_Sec is now out with a bypass of the sitemonitor files. I have tested it on my test machine and it seems to work fine. Let me know if anyone still has problems with this clashing with sitemon.


- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Share this post


Link to post
Share on other sites

The first error is saying your username is username, which is probably wrong. I don't know how you could get it to run with a wrong one though so I'm confused. The second is probably due to the first but it could be a server setting too. I suggest making sure the confiugre settings are correct and try again.

 

thank you sir its also helpful to me! i have same problem

Share this post


Link to post
Share on other sites

A new version, http://addons.oscommerce.com/info/4441, has been uploaded with these changes:

 

- Added a check for common database hacking.

- Added an exclude all button on the configure page to allow quickly adding all directories. Useful when multiple instances are ran.

- Added an exclude difference button on the configure page to allow quickly adding all un-excluded directories. Useful when multiple instances are ran.

- Added an option to allow setting the location of the log files.

- Added code to display the number of instances which have been setup.

- Added code to allow manually running any instance. Just select the instance and click the third update button.

- Added createCSS and auto_append_file, common hacker names, to the hacker checking code.

- Added code to record reference file replacement in the log when the number of days in the reference reset setting is reached.

- Added error checking for checking the modified date of the reference file since some sites reported this failed.

- Changed sitemonitor_hacker_cron file to use the email address from the SiteMonitor settings instead of the shops.

- Changed how the start directory is loaded on a new installation.

- Changed extensions for configure and reference files to .txt.

- Cleaned up instructions - fixed mistakes and added more.

- Removed admin/quaranteen and admin from stock configure file. The former will be added by the code - the latter is up to the user as to if it should be excluded.

- Removed restriction on start directory. Start where you like and all files below that location will be checked.

Share this post


Link to post
Share on other sites

Hi,

 

thanks for this add on but I've an issue, during the installation, when I go to my os admin pannel to configure the settings and "update" with good informations (I think), I've an error message on the top that say:

 

"Failed to open file /home/USER/public_html/shop/admin/sitemonitor_configure_0.php " (I changed my pannel user name by USER)

 

(Maybe is it because I changed my "admin" directory name, if it is because of that where can I change it to make it work?)

 

Thanks for your help...

Edited by ecigaxc

Share this post


Link to post
Share on other sites

Hi,

 

thanks for this add on but I've an issue, during the installation, when I go to my os admin pannel to configure the settings and "update" with good informations (I think), I've an error message on the top that say:

 

"Failed to open file /home/USER/public_html/shop/admin/sitemonitor_configure_0.php " (I changed my pannel user name by USER)

 

(Maybe is it because I changed my "admin" directory name, if it is because of that where can I change it to make it work?)

 

Thanks for your help...

Try updating to the latest version.

Share this post


Link to post
Share on other sites

The last version of os commerce ? I can't, I've a template working on RC2...

 

And if you mean last version of sitemonitor I've the last version...

 

Another idea ? ^^

Share this post


Link to post
Share on other sites

The last version of os commerce ? I can't, I've a template working on RC2...

 

And if you mean last version of sitemonitor I've the last version...

 

Another idea ? ^^

The last version of SiteMonitor. It doesn't use sitemonitor_configure_0.php, which is what you mentioned in your original post, so you either are not using it or didn't follow the upgrade instructions.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×