Jump to content
Jack_mcs

SiteMonitor

Recommended Posts

Jack, in a 2.3.1 shop in Sitemonitor V3.2>Admin>Manually Execute Sitemonitor, after clicking the update button I get this:

 

This only occur with php 5.3.13; when I toggle the shop over to php version 5.2 the warning is not there.

I have this:

 

in the shops application_top.php file.

As far as I know, it should only show such a failure if the date is not present, which is should never be in this case, or if a certain argument is used in that function, which it isn't, so I don't know why it is showing the error. You can try two tihngs to remove it though:

 

- In the sitemonitor_functions.php file, find mktime and change it to @mktime.

 

- Add this to the top of the function that call is in or at the top of the sitemonitor_admin.php file (after the includes application_top line

date_default_timezone_set("America/New_York");

Share this post


Link to post
Share on other sites

I install the contr. as far as i can ( I am really not good in this kind of things)

And I can not bring it to run.

 

I am getting this message:

 

Warning: fopen(/typo24.gr/catalog/admin/sitemonitor_configure_0.txt) [function.fopen]: failed to open stream: No such file or directory in /usr/www/users/myserver/mysite/catalog/admin/includes/functions/sitemonitor_functions.php on line 779

Failed to open file /mysite/catalog/admin/sitemonitor_configure_0.txt

Warning: fclose() expects parameter 1 to be resource, boolean given in /usr/www/users/myserver/mysite/catalog/admin/includes/functions/sitemonitor_functions.php on line 783

 

What has this meaning?

Share this post


Link to post
Share on other sites

Hi Jack,

 

I noticed that on the browser you can open the site monitor text files (sitemonitor_configure_0.txt, sitemonitor_db_reference.txt, etc), and you can also show the text logs from the directory sitemonitor_logs. Shouldn't these files be protected by .htaccess?

 

Regards

Share this post


Link to post
Share on other sites

I am getting this message:

 

Warning: fopen(/typo24.gr/catalog/admin/sitemonitor_configure_0.txt) [function.fopen]: failed to open stream: No such file or directory What has this meaning?

Did you upload all of the files in the package to the correct location on your server? Did you go to the configure section of SiteMonitor and click update to save teh settings?

Share this post


Link to post
Share on other sites

Hi Jack,

 

I noticed that on the browser you can open the site monitor text files (sitemonitor_configure_0.txt, sitemonitor_db_reference.txt, etc), and you can also show the text logs from the directory sitemonitor_logs. Shouldn't these files be protected by .htaccess?

 

Regards

They are in your admin, or should be, which is already protected, or should be.

Share this post


Link to post
Share on other sites

They are in your admin, or should be, which is already protected, or should be.

Mine is not protected by .htpassdw, otherwise I can not configure cron tab (I use a web cron tab as my provider does not allow me to have crontab jobs).

I believe this will happen to lot's of people.

Share this post


Link to post
Share on other sites

Mine is not protected by .htpassdw, otherwise I can not configure cron tab (I use a web cron tab as my provider does not allow me to have crontab jobs).

I believe this will happen to lot's of people.

No, that is not very common. I suggest you find a host that allows using oscommerce properly since it isn't a question of if your site will be hacked, just when it will be.

Share this post


Link to post
Share on other sites

- In the sitemonitor_functions.php file, find mktime and change it to @mktime.

 

Jack, the change to @mktime took care of that warning generated when running php v 5.3.

 

Another thing I notice when running the same process in php v 5.3.13, I am getting this

 

No new files found...

No deleted files found...

No size differences found...

Time Mismatch on myshopsadmin/session_mm_cgi-fcgi503.sem Last Changed on Friday, 13 Jul 2012 01:19:34 GMT

No permissions mismatches found...

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sitemonitor (0) ran on July 12, 2012, 9:19 pm

Total mismatches found were 1

Total files being monitored is 2537

Email sent to shop owner.

 

When I delete the reference file, this file appears every time, with an updated time mismatch.

 

This only occurs with php 5.3; toggling back to 5.2, this output does not occur.

 

Thanks


I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

I haven't seen a failure like that before so I don't have an answer for it. But you might want to look at the entry for that file in the reference file. Maybe something is causing it to be recorded incorrectly which in turns causes the script to fail.

Share this post


Link to post
Share on other sites

I haven't seen a failure like that before so I don't have an answer for it. But you might want to look at the entry for that file in the reference file. Maybe something is causing it to be recorded incorrectly which in turns causes the script to fail.

 

Here's what's in the reference file:

 

/home/myname/public_html/myshopsadmin/session_mm_cgi-fcgi503.sem,0,1342142476,600

 

What is that file anyway, I don't see it browsing the shop via my ftp client or the cPanel file manager?


I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

Here's what's in the reference file:

 

/home/myname/public_html/myshopsadmin/session_mm_cgi-fcgi503.sem,0,1342142476,600

 

What is that file anyway, I don't see it browsing the shop via my ftp client or the cPanel file manager?

According to http://filext @ com/file-extension/SEM, it is a file used by a design company. If you don't need it for your site, it should be deleted. If possible, out of curiosity, you could copy/rename some common file, like privacy.php, to privacy.sem to see if it is the filetype that is causing a failure.

Share this post


Link to post
Share on other sites

According to http://filext @ com/file-extension/SEM, it is a file used by a design company. If you don't need it for your site, it should be deleted. If possible, out of curiosity, you could copy/rename some common file, like privacy.php, to privacy.sem to see if it is the filetype that is causing a failure.

 

I'll check into this with my host. I've not used a design company but I wouldn't be surprised this file is there because of some of the design support they offer. Or something like that. I'll get back with what I find out and see if what you recommended takes care of this.

 

Thanks


I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

I'll check into this with my host. I've not used a design company but I wouldn't be surprised this file is there because of some of the design support they offer. Or something like that. I'll get back with what I find out and see if what you recommended takes care of this.

 

Thanks

 

well that went more quickly than i expected...here's what the host support guy says about that file...

 

 

The file is a session file created by the FastCGI software.

on our VPS accounts we recommend FastCGi, coupled with APC. APC is a caching/snapshot software and FastCGI is a faster handler of CGI/Perl files.

They may update continually, delete and recreate (creating snapshots of the website).

I have confirmed that they are a part of APC's snapshot/caching functions.

APC and FastCGI integrate with PHP to cache the site and improve performance.

 

 

So the support guy recommends not doing anything with it as per above. Which I guess is the best thing to do.

 

Interesting that running Site Monitor on 5.3 picks this up but doesn't when running 5.2

 

Would it be worth considering code in Site Monitor to ignore this file? Right now the only way I think I could avoid it is to exclude all my "admin" folders and files consider this is showing to reside right under the admin side of things.


I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

well that went more quickly than i expected...here's what the host support guy says about that file...

 

 

 

 

So the support guy recommends not doing anything with it as per above. Which I guess is the best thing to do.

 

Interesting that running Site Monitor on 5.3 picks this up but doesn't when running 5.2

 

Would it be worth considering code in Site Monitor to ignore this file? Right now the only way I think I could avoid it is to exclude all my "admin" folders and files consider this is showing to reside right under the admin side of things.

Yes, it doesn't sound like it is anything to worry about so you might want to exclude it. There is code in the functions file where you can add it to the list to exclude.

Share this post


Link to post
Share on other sites

Yes, it doesn't sound like it is anything to worry about so you might want to exclude it. There is code in the functions file where you can add it to the list to exclude.

thanks, I'll take a look


I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

Hi Jack,

 

I can't setup the server cron job.

I followed your instructions, if I use the method

php /home/username/public_html/catalog/admin/sitemonitor.php X

the instance provided in x is ignored and instance 0 is always run.

 

If I use the 2nd method,

php /home/username/public_html/catalog/admin/sitemonitor.php?instance=X

I get an error saying

Status: 404 Not Found
X-Powered-By: PHP/5.3.13
Content-type: text/html
No input file specified.

 

Is there another way to run it? Or am I doing something wrong?

Share this post


Link to post
Share on other sites

I can't setup the server cron job.

I followed your instructions, if I use the method

[/code]

 

Is there another way to run it? Or am I doing something wrong?

Cron syntax can vary with the host so you need to ask yours to find out what will work on their server.

Share this post


Link to post
Share on other sites

Hi, A CRON related request but I am not sure if it belongs here or on a completely different forum about server management.

 

I have successfully installed/configured this on 2 domains on the same hosting account. I have set up 2 CRON jobs that run once a day.

 

One of my stores now has such a huge number of images that I am encountering time-outs. I have tested running two configs. One for the main osC excluding images, the other for images only. Works like a charm.

 

Now my problem - I am limited to 2 CRON jobs only. Splitting one domain as above means I want to run three CRON jobs. I am thinking of putting the commands into a script file and just running the script as a single CRON job.

/home/www/domain1.com/shop/admin/sitemonitor.php 0
/home/www/domain2.com/shop/admin/sitemonitor.php 0
/home/www/domain2.com/shop/admin/sitemonitor.php 1

 

I have 2 questions;

  1. Is this viable?
  2. Is there a way of adding a delay between the execution of each line?

If not appropriate here, could you recommend a suitable forum?

 

P.S. I can't thank you enough for the peace of mind this brings me each morning. Occasionally the lesser important domain gets a .php file dumped in the images folder but that is protected by a run block in .htaccess so I just delete it. This contribution alone has reduced my stress/worry level no end.

Share this post


Link to post
Share on other sites

 

Now my problem - I am limited to 2 CRON jobs only. Splitting one domain as above means I want to run three CRON jobs. I am thinking of putting the commands into a script file and just running the script as a single CRON job.

 

I have 2 questions;

  1. Is this viable?
  2. Is there a way of adding a delay between the execution of each line?

P.S. I can't thank you enough for the peace of mind this brings me each morning. Occasionally the lesser important domain gets a .php file dumped in the images folder but that is protected by a run block in .htaccess so I just delete it. This contribution alone has reduced my stress/worry level no end.

I'm pleased to here it has helped you and I appreciate you mentioning it.

 

As far as cron, you can't run a script of cron jobs from a control panel. At least, I've never seen a way. I seem to recall reading something about to that by using the shell to connect to crontab, but i don't know where I saw it. I'm sure, if it is possible, it is on the web somewhere. But you may want to ask your host first.

Share this post


Link to post
Share on other sites

Why is it that the simple things in life often turn out to be complicated?

 

Taking your advice above I decided to write a simple .php file for CRON to run. The file, in theory, runs each config in turn.

<?php
/*
 $Id: sitemonitor-CRON.php,v 1.0 31-07-2112 by Paul
 Purpose - Run runSitemonitor function twice, once for each config, with delay between
*/
 require('includes/functions/sitemonitor_functions.php');
 echo "Setting variables for config 0";
 $instance = '0';
 $logFile = 'sitemonitor_log' . '_' . $instance . '.txt';
 $referenceFile = 'sitemonitor_reference' . '_' . $instance . '.txt';
 echo "RUNNING config 0";
 runSitemonitor($referenceFile, $logFile, $verbose);
 echo "Sleep";
 sleep(60);
 echo "Setting variables for config 1";
 $instance = '1';
 $logFile = 'sitemonitor_log' . '_' . $instance . '.txt';
 $referenceFile = 'sitemonitor_reference' . '_' . $instance . '.txt';
 echo "RUNNING config 1";
 runSitemonitor($referenceFile, $logFile, $verbose);
 echo "FINISHED";
?>

The echo statements are purely for debugging.

 

After uploading I entered the URL in the browser expecting to see the echo lines appear one at a time. The page blanked and eventually came back with

Setting variables for config 0RUNNING config 0SleepSetting variables for config 1RUNNING config 1FINISHED

I checked the logs but nothing was updated. I did not get either of the expected emails.

 

Am I missing something obvious?

 

As this is a bit off topic I do not mind if you do not wish to deal with this.

Share this post


Link to post
Share on other sites

Hi

 

I'm having a problem :/

 

whenever I make ANY change to anything in the config or admin, Like change a value or click update, or click any button from the admin page, I get the following:

 

Forbidden

 

You do not have permission to access this document.

 

 

Then, I think it crashes the server, because I cant access any page on the site (admin or catalog).. I cant even access my server via FTP.

 

Any ideas?

Share this post


Link to post
Share on other sites

Why is it that the simple things in life often turn out to be complicated?

 

Taking your advice above I decided to write a simple .php file for CRON to run. The file, in theory, runs each config in turn.

 

After uploading I entered the URL in the browser expecting to see the echo lines appear one at a time. The page blanked and eventually came back with

 

I checked the logs but nothing was updated. I did not get either of the expected emails.

 

Am I missing something obvious?

Looks like you're missing the rerequire('sitemonitor_configure... statement.

Share this post


Link to post
Share on other sites

Hi

 

I'm having a problem :/

 

whenever I make ANY change to anything in the config or admin, Like change a value or click update, or click any button from the admin page, I get the following:

 

Then, I think it crashes the server, because I cant access any page on the site (admin or catalog).. I cant even access my server via FTP.

 

Any ideas?

It's not clear to me if you are saying admin (as in the shop's admin) or Admin (as in Sitemonitor->Admin) but, in either case, it sounds like you may have some contribution installed that prevents access or maybe there is a server setting that is causing the problem. If this only started with the installation of this contribution, then it is probably the latter and you should have your host take a look at it.

Share this post


Link to post
Share on other sites

Looks like you're missing the rerequire('sitemonitor_configure... statement.

Thank you for that. All working nicely now.

 

In case anyone else wants a working copy.

<?php
/*
 $Id: sitemonitor-CRON.php,v 1.0 31-07-2112 by Paul
 Purpose - Run runSitemonitor function twice, once for each config, with delay between
*/
 require('includes/functions/sitemonitor_functions.php');
 echo "Setting variables for config 0";
 $instance = '0';
 $logFile = 'sitemonitor_log' . '_' . $instance . '.txt';
 $referenceFile = 'sitemonitor_reference' . '_' . $instance . '.txt';
 echo "RUNNING config 0";
 require('sitemonitor_configure' . '_' . $instance  . '.txt');
 runSitemonitor($referenceFile, $logFile, $verbose);
 echo "Sleep";
 sleep(60);
 require('sitemonitor_configure_1.txt');
 echo "Setting variables for config 1";
 $instance = '1';
 $logFile = 'sitemonitor_log' . '_' . $instance . '.txt';
 $referenceFile = 'sitemonitor_reference' . '_' . $instance . '.txt';
 echo "RUNNING config 1";
 require('sitemonitor_configure' . '_' . $instance  . '.txt');
 runSitemonitor($referenceFile, $logFile, $verbose);
 echo "FINISHED";
?>

The results are emailed as per ususal.

 

I would recommend removing or commenting out the debugging echo lines once you have tested it.

Share this post


Link to post
Share on other sites

As I have previously stated, this is one of the best 'peace of mind' contributions I have running.

 

Unfortunately one of my less important domains is regularly hit by script kiddies dropping PHP files and other into the store/images folder. I confess that I do not have all available security addons installed but have changed every password including FTP and SSH without success. Without Site Monitor running as a CRON job I could have a lot of problems.

 

Cleaning up after the nuisances was a pain! I eventualy tired of FTP deleting the junk so slowly eveolved the following that may be of use to anyone in a similar situation.

 

I added a .htaccess file in the store/images folder to block running the files. That blocks anything other than dropping the file there in the first place. DO THIS even if you do nothing else below.

 

I then created (from Googling a lot of PHP forums etc.) a method of deleting the offending files. Once proven to work I cleaned it up and added it to whos_online.php which I always have loaded. It is fast and with whos_online.php refreshing at 30 second intervals should mean that any script kiddy is unable to run anything from the store/images folder so should give up quite quickly.

 

How to install.

 

Create a .htaccess file in the store/images folder containing the following

# $Id$
#
# This is used to restrict access to this folder to anything other
# than images
# Prevents any script files from being accessed from the images folder
<FilesMatch "\.(php([0-9]|s)?|s?p?html|cgi|pl|exe)$">
  Order Deny,Allow
  Deny from all
</FilesMatch>

 

Create a clean-images.php file in store/admin/includes/functions containing the following

<?php
/*
 $Id: clean-images.php 10-09-2012
 Paul Gwilliam
*/
 function clean_images($mask) {
$files = glob($mask);
 if(count($files) > 0){
   foreach (glob($mask) as $filename){
	 if (file_exists($filename)){
	   echo "<p><b>$filename</b> size " . filesize($filename) . " Date/Time " . date ("d-m-Y H:i:s.", filemtime($filename)) . "</p>";
	   fclose($filename);
	   chmod($filename, 0666);
		 $do = unlink($filename);
		 if($do=="1"){ echo "<p><font color=#00ff00>The file was deleted successfully.</font></p><p><hr></p>"; }
		  else { echo "<p><font color=#ff0000>There was an error trying to delete the file.</font></p><p><hr></p>"; }}
	 else {
	   echo "<p>****** The file $filename does not exist ****** </p>";
	   }
	 }
   }
   else
   {
   echo "<p><font color=#00ff00>****** No " . $mask . " files found to delete ******</font></p>";
   }
 }
$mask=""
?>

Now open your store/admin/whos_online.php and look for

				  </table>
				</td>
<?php
 $heading = array();
 $contents = array();
 $heading[] = array('text' => '<b>' . TABLE_HEADING_SHOPPING_CART . '</b>');

Add the following before the </table>

					<tr>
					  <td class="smallText" colspan="9">
						<?php
						// Begin Clean Images Folder (uses includes/functions/clean-images.php)
						$path_to_file = "../images";
						chdir($path_to_file);
						$mask = "*.php";
						clean_images($mask);
						$mask = "*.cgi";
						clean_images($mask);
						$mask = "*.pl";
						clean_images($mask);
						$mask = "*.html";
						clean_images($mask);
						$mask = "*.shtml";
						clean_images($mask);
						$path_to_file = "../admin";
						chdir($path_to_file);
						// End Clean Images Folder
						?>
					  </td>
					</tr>

This can easily be modified to add other file types if desired.

 

If you have found the correct placing it should add the output just after the section that informs you of your IP address.

 

Test it by FTPing a few PHP or other files into your store/images folder.

 

Suggestions on how to block the offending files being added in the first place would be welcom by PM as I do not wish to clutter this thread with irrelevant chatter.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×