Jump to content
Jack_mcs

SiteMonitor

Recommended Posts

No I'm not saying the instructions were wrong just that I couldn't read properly. ;)

 

I missed that all vital word First ?> and that was my error.

 

As for XAMPP setup, I honestly haven't changed permissions. On the configure files, these are easy to set to read only from Explorer but XAMPP does assume that everything is read/write.exe .

I googled it and someone suggested changing the file permissions using a terminal. Sadly the person failed to say what terminal!

Edited by dvharrison

Debbie Harrison

 

Share this post


Link to post
Share on other sites

As for XAMPP setup, I honestly haven't changed permissions. On the configure files, these are easy to set to read only from Explorer but XAMPP does assume that everything is read/write.exe .

I googled it and someone suggested changing the file permissions using a terminal. Sadly the person failed to say what terminal!

You should post the question in the general forum since it isn't a SiteMonitor issue.

Share this post


Link to post
Share on other sites

I didn't know the problem was until then. And this is the only instance where I've had a problem.


Debbie Harrison

 

Share this post


Link to post
Share on other sites

Jack, I've installed the latest version and this is what I see at the top:

warning_image.jpg

I've double checked both image directories including subdirectories and found no non-image type files there.

post-63621-0-49257500-1328090087_thumb.jpg

Edited by mr_absinthe

Absinthe Original Liquor Store

Share this post


Link to post
Share on other sites

Jack, I've installed the latest version and this is what I see at the top:

warning_image.jpg

I've double checked both image directories including subdirectories and found no non-image type files there.

post-63621-0-49257500-1328090087_thumb.jpg

Someone recently had this problem and posted a change to the code that allowed it to work for him. It seems there is a php compatibility problem or maybe a memory limit being reached due to nested calls. I think it was in the last page or two so it should be easy to find. Edited by Jack_mcs

Share this post


Link to post
Share on other sites

Thank you. I've found it and I've changed the following in sitemonitor_admin.php, from:

$invalidFiles = array_merge((array)glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.php'),(array)glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.txt'));
 if (!empty($invalidFiles)) {
$messageStack->add(ERROR_IMAGES_HAS_PHP, 'error');
foreach ($invalidFiles as $filename) {
  echo $messageStack->add($filename);
}
 }

 

to:

$invalidFiles = glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.php');
 if(is_array($invalidFiles) && count($invalidFiles) > 0)
 {
	  $messageStack->add(ERROR_IMAGES_HAS_PHP, 'error');
  foreach($invalidFiles as $filename)
	  {
			echo $messageStack->add($filename);
	  }
 }
 $invalidFiles = glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.txt');
 if(is_array($invalidFiles) && count($invalidFiles) > 0)
 {
	  $messageStack->add(ERROR_IMAGES_HAS_PHP, 'error');
  foreach($invalidFiles as $filename)
	  {
			echo $messageStack->add($filename);
	  }
 }

 

All is fine now, the message is gone, running fine on php 5.3.6


Absinthe Original Liquor Store

Share this post


Link to post
Share on other sites

when i click the configure button i get this

 

 

"Forbidden

You don't have permission to access /bad_conduct/ban.php on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request."

any tips?

Share this post


Link to post
Share on other sites

when i click the configure button i get this

 

 

"Forbidden

 

You don't have permission to access /bad_conduct/ban.php on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request."

 

any tips?

That file isn't part of this contribution. 404 means a file could not be found. If that is due to SiteMonitor, then you'e probably made a mistake with the installation.

Share this post


Link to post
Share on other sites

That file isn't part of this contribution. 404 means a file could not be found. If that is due to SiteMonitor, then you'e probably made a mistake with the installation.

 

About forbidden, its from this contribution XSS/ BAD BEHAVIOR BLOCK. I'm thinking SiteMonitor is doing something it doesn't like.

 

Would you know if this is correct and if so do you have any experience of this issue before? The admin part of SiteMonitor works fine but configure bit has this issue.

 

About the 404 issue, is it possible it is connected to this "forbidden" issue? If so Id like to find out what conflict there is between XSS and SiteMoniter, if any, and go from there

Share this post


Link to post
Share on other sites

now I get this - if someone can tell me what I need to temporarily do with XSS to get SiteMonitor to run it would be appreciated

 

Forbidden!

 

403 Permission Denied

 

 

 

Your IP is banned or file is forbidden

You do not have permission for this request

 

Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted

  • This value may indicate an attempt to compromise our server security, such as a cross-site scripting attack.
  • Please do not be alarmed: it is possible the suspected attempt was triggered innocently.
  • Additionally, we will log your IP address, your request, and the date and time. This information is recorded for security purposes only.
  • These disclosures may also be needed for data privacy or to investigate or respond to a complaint or security threat.

We do not claim any ownership of the content collected. This is done for purposes such as diagnosing service or technical problems, and maintaining server security.

Share this post


Link to post
Share on other sites

Hi Jack,

 

I have just installed this contrib, however I can't configure it with the file sitemonitor_configure_setup.php, I'm having a 404 error.

 

When looking at the error log in my server I see the following:

[Tue Feb 14 16:43:41 2012] [error] [client 194.113.59.80] ModSecurity: Access denied with code 404 (phase 4). Pattern match "(?:(?:<title>[^<]*?(?:\\b(?:(?:c(?:ehennemden|gi-telnet)|gamma web shell)\\b|imhabirligi phpftp)|(?:r(?:emote explorer|57 ?shell)|aventis klasvayv|zehir)\\b|\\.::(?:news remote php shell injection::\\.| rhtools\\B)|ph(?:P(?:(?: commander|-terminal)\\b|remotev ..." at RESPONSE_BODY. [file "/etc/httpd/modsecurity.d/50_asl_rootkits.conf"] [line "102"] [id "390149"] [rev "16"] [msg "Atomicorp.com - FREE UNSUPPORTED DELAYED FEED - WAF Rules: Backdoor access denied"] [data "r57shell"] [severity "CRITICAL"] [hostname "www.MYSERVER.com"] [uri "/admin/sitemonitor_configure_setup.php"] [unique_id "S-S5dn8AAAEAACqpNhgAAAAC"]

 

Any ideas?

 

Thanks in advance for any input!

Share this post


Link to post
Share on other sites

Hi Jack,

 

I have just installed this contrib, however I can't configure it with the file sitemonitor_configure_setup.php, I'm having a 404 error.

 

When looking at the error log in my server I see the following:

[Tue Feb 14 16:43:41 2012] [error] [client 194.113.59.80] ModSecurity: Access denied with code 404 (phase 4). Pattern match "(?:(?:<title>[^<]*?(?:\\b(?:(?:c(?:ehennemden|gi-telnet)|gamma web shell)\\b|imhabirligi phpftp)|(?:r(?:emote explorer|57 ?shell)|aventis klasvayv|zehir)\\b|\\.::(?:news remote php shell injection::\\.| rhtools\\B)|ph(?:P(?:(?: commander|-terminal)\\b|remotev ..." at RESPONSE_BODY. [file "/etc/httpd/modsecurity.d/50_asl_rootkits.conf"] [line "102"] [id "390149"] [rev "16"] [msg "Atomicorp.com - FREE UNSUPPORTED DELAYED FEED - WAF Rules: Backdoor access denied"] [data "r57shell"] [severity "CRITICAL"] [hostname "www.MYSERVER.com"] [uri "/admin/sitemonitor_configure_setup.php"] [unique_id "S-S5dn8AAAEAACqpNhgAAAAC"]

 

Any ideas?

 

Thanks in advance for any input!

The 404 is a page not found. The error is a server error and seems to be saying it won't allow access since it has detected hacker code, which is in the configure file. You should double check the installation and if it is correct, with all files on the server, then ask your host to interpret that error.

Share this post


Link to post
Share on other sites

The 404 is a page not found. The error is a server error and seems to be saying it won't allow access since it has detected hacker code, which is in the configure file. You should double check the installation and if it is correct, with all files on the server, then ask your host to interpret that error.

Thanks, I'm cheking that...

I guess my provider installed some security package, as the other day I added a new product with Poker in the name and I also got a similar error regardind gambling...

Share this post


Link to post
Share on other sites

The 404 is a page not found. The error is a server error and seems to be saying it won't allow access since it has detected hacker code, which is in the configure file. You should double check the installation and if it is correct, with all files on the server, then ask your host to interpret that error.

I got the reply from my provider... It's very helpful...

"This rule is a protection against backdoors and rootkits and it cannot be deactivated. Our advise is to verify the code of this script."

I don't know why I asked, I was already expecting a reply like this...

 

In the end, I'm not allowed to use SiteMonitor because of this rule.

Edited by modem2.0

Share this post


Link to post
Share on other sites

Admin is set to admin? My admin name is not admin, but something more complicated, why is it showing?

That warning occurs if the configure file is setup with the name admin in it so it would seem your configure file is incorrect.

Share this post


Link to post
Share on other sites

If you nstalled the optional Version Checker contribution (just upload two files) then the version will be shown in the heading on the sitemonitor page. If not, you can look in the sitemonitor_admin.php file. The version is shown in the code in the first 10-20 lines, assuming your version is not too old.

 

A white screen usually means the script it timing out due to too many files,which would make sense if files have been added and it was working before. You can get around using the instance option but your version has to have that option.

 

You should upgrade to the latest version regardless because it has improvements you should have. The last version has a wrong file for 2.3 so if you are using that oscommerce versin, be sure to see the posts in this thread regarding that.

 

Hi again, hope you are well.

 

I am still having problems with the program returning to a white screen. You say it could be because there are too many files and its timing out. Is there a way to manually empty the file so that no files are present? Also I do not seem to have the instance option, my version is V2.9.

 

Do you think it would be best up remove sitemonitor and then install it again? I am sure just cleaning out the refernce file would be the best and quickest option but what do you think?

 

Thank you

 

Michael

Share this post


Link to post
Share on other sites

Hi again, hope you are well.

 

I am still having problems with the program returning to a white screen. You say it could be because there are too many files and its timing out. Is there a way to manually empty the file so that no files are present? Also I do not seem to have the instance option, my version is V2.9.

 

Do you think it would be best up remove sitemonitor and then install it again? I am sure just cleaning out the refernce file would be the best and quickest option but what do you think?

 

Thank you

 

Michael

 

Just a quick update, I copied across the original reference file from the download files and over wrote the file on my store and it appears to work properly now. I can now delete the refence file and create a new one.

 

thank you

 

Michael

Share this post


Link to post
Share on other sites

Jack, I've noticed that the SiteMonitor might not be monitoring files - any idea what might be the reason? I've uploaded new file checkout_success_backup1.php in the root of the shop and it is not being picked up - No mismatches found. Any ideas please?


Absinthe Original Liquor Store

Share this post


Link to post
Share on other sites

Jack, I've noticed that the SiteMonitor might not be monitoring files - any idea what might be the reason? I've uploaded new file checkout_success_backup1.php in the root of the shop and it is not being picked up - No mismatches found. Any ideas please?

If it was working previously and isn't now, then something either changed in the settings or on the server. The former seems more likely though I can't think of anything that would cause that. Try deleting the reference file, click on the top update button, add a file and click on the second update button to see if that works.

Share this post


Link to post
Share on other sites

After deleting the reference file, it's working again, not quite sure what was causing it....


Absinthe Original Liquor Store

Share this post


Link to post
Share on other sites

After deleting the reference file, it's working again, not quite sure what was causing it....

If there are a lot of files to check, Sitemonitor may be timing out. If it happens again, I suggest limiting what is being searched (exclude images, for example) and see if it fails then. If not, then you'll need to create an instance to check only the images.

Share this post


Link to post
Share on other sites

Hi, on your read me file,

Step 5 and Step 6, I am not quite sure what do you mean, can you please tell me where I go to find the setting?

osCommerce backend or the php files?

 

I followed Step1 to Step 4, but I did not see any change to administrator area, and

when I typed http://localhost/myshop/catalog/admin/sitemonitor.php

it showed 2 errors?

 

Warning: opendir(/home/username/public_html,/home/username/public_html) [function.opendir]: The system cannot find the path specified. (code: 3) in C:\Program Files 2\wamp\www\myshop\catalog\admin\includes\functions\sitemonitor_functions.php on line 343

 

Warning: opendir(/home/username/public_html) [function.opendir]: failed to open dir: No such file or directory in C:\Program Files 2\wamp\www\myshop\catalog\admin\includes\functions\sitemonitor_functions.php on line 343

 

what file should I modify?

 

Many thanks in advance.

 

lyn

Share this post


Link to post
Share on other sites

Hi, on your read me file,

Step 5 and Step 6, I am not quite sure what do you mean, can you please tell me where I go to find the setting?

osCommerce backend or the php files?

 

I followed Step1 to Step 4, but I did not see any change to administrator area, and

when I typed http://localhost/myshop/catalog/admin/sitemonitor.php

it showed 2 errors?

 

Warning: opendir(/home/username/public_html,/home/username/public_html) [function.opendir]: The system cannot find the path specified. (code: 3) in C:\Program Files 2\wamp\www\myshop\catalog\admin\includes\functions\sitemonitor_functions.php on line 343

The error is saying it can't find the location specified. Are you sure the username of your account is username, as shown? Assuming it isn't, it means you have not configured the settings. If you can't see the configuration section in admin, then you've made a mistake in the installation or there is something in your admin that is preventing it from showing.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×