Jump to content
Latest News: (loading..)
Jack_mcs

SiteMonitor

Recommended Posts

Hi I have just installed this add-on using XAMPP on localhost. I have got to configure and changed the email address. the curl username and password has been removed as I'm not using this.

 

Anyway I get to update and at the top of the screen I get the error pink stripe and the warning sign but no message. When I get to Sitemonitor > Configure, I get a warning

saying The sitemonitor_reference file cannot be written to.

This is a permissions problem. You have to allow files the files in admin write permissions. This is nomally the case in Xampp but maybe you have something different in your setup.

 

 

I also get the following mesaage in Administrators:

 

This isn't anything to do with SiteMonitor. It is a security option in 2.3. If you search the forums for it, you will find how to use it, though it is not necessary when using a local setup.

 

 

I also get a note on the SiteMonitor admin page :

Which leads me to a 2.2 add-on.

Version Checker isn't required, though it is recommended. It will run on any version and the installation requires two files to be uploaded - nothing else.

Share this post


Link to post
Share on other sites

Hi Adamanto75

 

You need to add the line on step 4 before the first

 

 

I know because I initially made that error as well. :)

The instruction says
If your shop is AFTER version 2.3, add this before the first ?>
Please explain how that is incorrect. Edited by Jack_mcs

Share this post


Link to post
Share on other sites

Hi Jack_mcs,

 

I found a typo in your last version of the contribution (3.1)

 

In the file /UpdateDocs/update_V_2.9_to_V_3.0.txt

 

I think that the line:

"4) In any sitemonitor_log....txt files, find the line that starts with"

 

should be replaced by

"4) In any sitemonitor_configure_....txt files, find the line that starts with"

 

 

Thank you to anyone that contributes to OSCommerce. I was a complete newbie two months ago and all the available info/discussions really helped me.

Share this post


Link to post
Share on other sites

Hi Jack_mcs,

 

I found a typo in your last version of the contribution (3.1)

 

In the file /UpdateDocs/update_V_2.9_to_V_3.0.txt

 

I think that the line:

"4) In any sitemonitor_log....txt files, find the line that starts with"

 

should be replaced by

"4) In any sitemonitor_configure_....txt files, find the line that starts with"

 

 

Thank you to anyone that contributes to OSCommerce. I was a complete newbie two months ago and all the available info/discussions really helped me.

Thank you for posting that mistake. I have made the correction.

Share this post


Link to post
Share on other sites

The instruction says

Please explain how that is incorrect.

 

Jack you have completely the wrong end of the stick. The guy was asking why the box didn't show up and I merely told him about the mistake I had made which sounded similar to what I had done previously. It was no criticism on your part at all. :thumbsup:

 

Thanks for your prompt reply on the other stuff.


Debbie Harrison

 

Share this post


Link to post
Share on other sites

Jack you have completely the wrong end of the stick. The guy was asking why the box didn't show up and I merely told him about the mistake I had made which sounded similar to what I had done previously. It was no criticism on your part at all. :thumbsup:

 

Thanks for your prompt reply on the other stuff.

I didn't take it as criticism. I read it as you saying the instructions were wrong and I was asking how so they could be corrected. Just a simple question.

Share this post


Link to post
Share on other sites

No I'm not saying the instructions were wrong just that I couldn't read properly. ;)

 

I missed that all vital word First ?> and that was my error.

 

As for XAMPP setup, I honestly haven't changed permissions. On the configure files, these are easy to set to read only from Explorer but XAMPP does assume that everything is read/write.exe .

I googled it and someone suggested changing the file permissions using a terminal. Sadly the person failed to say what terminal!

Edited by dvharrison

Debbie Harrison

 

Share this post


Link to post
Share on other sites

As for XAMPP setup, I honestly haven't changed permissions. On the configure files, these are easy to set to read only from Explorer but XAMPP does assume that everything is read/write.exe .

I googled it and someone suggested changing the file permissions using a terminal. Sadly the person failed to say what terminal!

You should post the question in the general forum since it isn't a SiteMonitor issue.

Share this post


Link to post
Share on other sites

Jack, I've installed the latest version and this is what I see at the top:

warning_image.jpg

I've double checked both image directories including subdirectories and found no non-image type files there.

post-63621-0-49257500-1328090087_thumb.jpg

Edited by mr_absinthe

Absinthe Original Liquor Store

Share this post


Link to post
Share on other sites

Jack, I've installed the latest version and this is what I see at the top:

warning_image.jpg

I've double checked both image directories including subdirectories and found no non-image type files there.

post-63621-0-49257500-1328090087_thumb.jpg

Someone recently had this problem and posted a change to the code that allowed it to work for him. It seems there is a php compatibility problem or maybe a memory limit being reached due to nested calls. I think it was in the last page or two so it should be easy to find. Edited by Jack_mcs

Share this post


Link to post
Share on other sites

Thank you. I've found it and I've changed the following in sitemonitor_admin.php, from:

$invalidFiles = array_merge((array)glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.php'),(array)glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.txt'));
 if (!empty($invalidFiles)) {
$messageStack->add(ERROR_IMAGES_HAS_PHP, 'error');
foreach ($invalidFiles as $filename) {
  echo $messageStack->add($filename);
}
 }

 

to:

$invalidFiles = glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.php');
 if(is_array($invalidFiles) && count($invalidFiles) > 0)
 {
	  $messageStack->add(ERROR_IMAGES_HAS_PHP, 'error');
  foreach($invalidFiles as $filename)
	  {
			echo $messageStack->add($filename);
	  }
 }
 $invalidFiles = glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.txt');
 if(is_array($invalidFiles) && count($invalidFiles) > 0)
 {
	  $messageStack->add(ERROR_IMAGES_HAS_PHP, 'error');
  foreach($invalidFiles as $filename)
	  {
			echo $messageStack->add($filename);
	  }
 }

 

All is fine now, the message is gone, running fine on php 5.3.6


Absinthe Original Liquor Store

Share this post


Link to post
Share on other sites

when i click the configure button i get this

 

 

"Forbidden

You don't have permission to access /bad_conduct/ban.php on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request."

any tips?

Share this post


Link to post
Share on other sites

when i click the configure button i get this

 

 

"Forbidden

 

You don't have permission to access /bad_conduct/ban.php on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request."

 

any tips?

That file isn't part of this contribution. 404 means a file could not be found. If that is due to SiteMonitor, then you'e probably made a mistake with the installation.

Share this post


Link to post
Share on other sites

That file isn't part of this contribution. 404 means a file could not be found. If that is due to SiteMonitor, then you'e probably made a mistake with the installation.

 

About forbidden, its from this contribution XSS/ BAD BEHAVIOR BLOCK. I'm thinking SiteMonitor is doing something it doesn't like.

 

Would you know if this is correct and if so do you have any experience of this issue before? The admin part of SiteMonitor works fine but configure bit has this issue.

 

About the 404 issue, is it possible it is connected to this "forbidden" issue? If so Id like to find out what conflict there is between XSS and SiteMoniter, if any, and go from there

Share this post


Link to post
Share on other sites

now I get this - if someone can tell me what I need to temporarily do with XSS to get SiteMonitor to run it would be appreciated

 

Forbidden!

 

403 Permission Denied

 

 

 

Your IP is banned or file is forbidden

You do not have permission for this request

 

Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted

  • This value may indicate an attempt to compromise our server security, such as a cross-site scripting attack.
  • Please do not be alarmed: it is possible the suspected attempt was triggered innocently.
  • Additionally, we will log your IP address, your request, and the date and time. This information is recorded for security purposes only.
  • These disclosures may also be needed for data privacy or to investigate or respond to a complaint or security threat.

We do not claim any ownership of the content collected. This is done for purposes such as diagnosing service or technical problems, and maintaining server security.

Share this post


Link to post
Share on other sites

Hi Jack,

 

I have just installed this contrib, however I can't configure it with the file sitemonitor_configure_setup.php, I'm having a 404 error.

 

When looking at the error log in my server I see the following:

[Tue Feb 14 16:43:41 2012] [error] [client 194.113.59.80] ModSecurity: Access denied with code 404 (phase 4). Pattern match "(?:(?:<title>[^<]*?(?:\\b(?:(?:c(?:ehennemden|gi-telnet)|gamma web shell)\\b|imhabirligi phpftp)|(?:r(?:emote explorer|57 ?shell)|aventis klasvayv|zehir)\\b|\\.::(?:news remote php shell injection::\\.| rhtools\\B)|ph(?:P(?:(?: commander|-terminal)\\b|remotev ..." at RESPONSE_BODY. [file "/etc/httpd/modsecurity.d/50_asl_rootkits.conf"] [line "102"] [id "390149"] [rev "16"] [msg "Atomicorp.com - FREE UNSUPPORTED DELAYED FEED - WAF Rules: Backdoor access denied"] [data "r57shell"] [severity "CRITICAL"] [hostname "www.MYSERVER.com"] [uri "/admin/sitemonitor_configure_setup.php"] [unique_id "S-S5dn8AAAEAACqpNhgAAAAC"]

 

Any ideas?

 

Thanks in advance for any input!

Share this post


Link to post
Share on other sites

Hi Jack,

 

I have just installed this contrib, however I can't configure it with the file sitemonitor_configure_setup.php, I'm having a 404 error.

 

When looking at the error log in my server I see the following:

[Tue Feb 14 16:43:41 2012] [error] [client 194.113.59.80] ModSecurity: Access denied with code 404 (phase 4). Pattern match "(?:(?:<title>[^<]*?(?:\\b(?:(?:c(?:ehennemden|gi-telnet)|gamma web shell)\\b|imhabirligi phpftp)|(?:r(?:emote explorer|57 ?shell)|aventis klasvayv|zehir)\\b|\\.::(?:news remote php shell injection::\\.| rhtools\\B)|ph(?:P(?:(?: commander|-terminal)\\b|remotev ..." at RESPONSE_BODY. [file "/etc/httpd/modsecurity.d/50_asl_rootkits.conf"] [line "102"] [id "390149"] [rev "16"] [msg "Atomicorp.com - FREE UNSUPPORTED DELAYED FEED - WAF Rules: Backdoor access denied"] [data "r57shell"] [severity "CRITICAL"] [hostname "www.MYSERVER.com"] [uri "/admin/sitemonitor_configure_setup.php"] [unique_id "S-S5dn8AAAEAACqpNhgAAAAC"]

 

Any ideas?

 

Thanks in advance for any input!

The 404 is a page not found. The error is a server error and seems to be saying it won't allow access since it has detected hacker code, which is in the configure file. You should double check the installation and if it is correct, with all files on the server, then ask your host to interpret that error.

Share this post


Link to post
Share on other sites

The 404 is a page not found. The error is a server error and seems to be saying it won't allow access since it has detected hacker code, which is in the configure file. You should double check the installation and if it is correct, with all files on the server, then ask your host to interpret that error.

Thanks, I'm cheking that...

I guess my provider installed some security package, as the other day I added a new product with Poker in the name and I also got a similar error regardind gambling...

Share this post


Link to post
Share on other sites

The 404 is a page not found. The error is a server error and seems to be saying it won't allow access since it has detected hacker code, which is in the configure file. You should double check the installation and if it is correct, with all files on the server, then ask your host to interpret that error.

I got the reply from my provider... It's very helpful...

"This rule is a protection against backdoors and rootkits and it cannot be deactivated. Our advise is to verify the code of this script."

I don't know why I asked, I was already expecting a reply like this...

 

In the end, I'm not allowed to use SiteMonitor because of this rule.

Edited by modem2.0

Share this post


Link to post
Share on other sites

Admin is set to admin? My admin name is not admin, but something more complicated, why is it showing?

That warning occurs if the configure file is setup with the name admin in it so it would seem your configure file is incorrect.

Share this post


Link to post
Share on other sites

If you nstalled the optional Version Checker contribution (just upload two files) then the version will be shown in the heading on the sitemonitor page. If not, you can look in the sitemonitor_admin.php file. The version is shown in the code in the first 10-20 lines, assuming your version is not too old.

 

A white screen usually means the script it timing out due to too many files,which would make sense if files have been added and it was working before. You can get around using the instance option but your version has to have that option.

 

You should upgrade to the latest version regardless because it has improvements you should have. The last version has a wrong file for 2.3 so if you are using that oscommerce versin, be sure to see the posts in this thread regarding that.

 

Hi again, hope you are well.

 

I am still having problems with the program returning to a white screen. You say it could be because there are too many files and its timing out. Is there a way to manually empty the file so that no files are present? Also I do not seem to have the instance option, my version is V2.9.

 

Do you think it would be best up remove sitemonitor and then install it again? I am sure just cleaning out the refernce file would be the best and quickest option but what do you think?

 

Thank you

 

Michael

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×