Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

[contribution] KISS FileSafe ( file security )


FWR Media

Recommended Posts

bheard,

 

I haven't installed it yet - just looking through this thread and the documentation before I do, but I think you're meant to be using

 

http://

mysite/mystore/filesafe.php?auth=mypass

 

not

 

http://

mysite/mystore/includes/modules/kiss_filesafe/classes/kiss_filesafe.php?auth=mypass

 

 

When I've had 500 errors it's been to do with features a particular server doesn't support, related to a setting in a .htaccess file, though there can be other reasons.

Edited by Andy H
Link to comment
Share on other sites

Update:

 

I have it installed now. Yep, use:

 

mysite/mystore/filesafe.php?auth=mypass

 

to run it manually. Hopefully you won't get the 500 error, bheard. I think the script you were trying to run is just a component of KISS_filesafe, not the main script.

 

 

Annoyingly, my hosting company doesn't allow cron jobs so I plan to just do manual scans. The application_bottom solution seems less than ideal.

Edited by Andy H
Link to comment
Share on other sites

  • 2 months later...

Hey,

 

I just did all the steps to set this up on my osc 2.3.1 store and I'm trying to run a cron job now, I contacted my host and they said they don't offer running cron jobs.

 

Is there anything I can do to run the cron job/ How do I run the cron job I was very confused with the instructions Idk what some of that stuff means.

 

Thanks So much

 

Adamanto75

Link to comment
Share on other sites

  • 5 months later...

Thanks for the KISS contribution. I am using this in all my 2.3 stores now. One thing I miss from my other file monitor is the ability to reset or run from admin. as another poster submitted, what if i am hacked between the time my cron job runs and I reset filesafe.

 

So I added two quick and dirty links in admin. Both are set to target = blank and one runs the filesafe and the other resets it.

<a href="http://www.mysite.com/filesafe.php?auth=123abc" target="_blank">run</a><p>
<a href="http://www.mysite.com/filesafe.php?auth=123abc&reset" target="_blank">reset</a>

no fancy anything, just 2 quick and dirty links to run or reset filesafe.

Do you see any security problems with these hardcoded into an admin file?

 

Tim

Link to comment
Share on other sites

  • 7 months later...

Not sure if there is still support from the developer but just in case there is... Despite the fact that I've excluded the data folder, I keep receiving the Identified files messages with weird filename ".":

File count: 5281

FileSafe ran for: 5.31 seconds

FileSafe paused 2 time(s) to unload server for a total of 4 seconds

Actual parse time: 1.31 seconds

FileSafe Identified Unknown Files:

None

FileSafe Identified Modified Files:

/hosting/www/mystore.com/www/includes/modules/kiss_filesafe/data/.

 

and

 

Modified Files Identified:

File Name: .

File Path: /hosting/www/mystore.com/www/includes/modules/kiss_filesafe/data

Last Modified: 24-02-2013 16:22:21

Inode Change: 24-02-2013 16:22:21

Group: 1001

Permissions: 0755

Executable: yes

File Size: 4.00KB

File Type: dir

Absinthe Original Liquor Store

Link to comment
Share on other sites

  • 2 weeks later...

I installed KISS_FileSafe_version_1.0 and started a cronjob with the following sintax:

/usr/bin/wget --quiet -O - 'http://www.mysite.com/catalog/filesafe.php?auth=12345' >/dev/null 2>&1.

When I browse www.mysite.com/catalog/filesafe.php, I receive the following message:

"The requested URL /catalog/catalog/filesafe.php was not found on this server."

Where I was wrong?

Edited by alexman
Link to comment
Share on other sites

  • 6 months later...

@@Robert,

 

I installed your contribution and ran it just as the instructions said to do for the very first time, and am getting the following Fatal Error:

 

Fatal error: Uncaught exception 'RuntimeException' with message 'SplFileInfo::getMTime() [<a href='splfileinfo.getmtime'>splfileinfo.getmtime</a>]: stat failed for /home/content/86/8227986/html/stats/logs' in /home/content/86/8227986/html/includes/modules/kiss_filesafe/classes/kiss_filesafe_abstract.php:244 Stack trace: #0 /home/content/86/8227986/html/includes/modules/kiss_filesafe/classes/kiss_filesafe_abstract.php(244): SplFileInfo->getMTime() #1 /home/content/86/8227986/html/includes/modules/kiss_filesafe/classes/kiss_filesafe.php(99): Kiss_FileSafe_Abstract->iterate() #2 /home/content/86/8227986/html/filesafe.php(29): Kiss_FileSafe->run() #3 {main} thrown in /home/content/86/8227986/html/includes/modules/kiss_filesafe/classes/kiss_filesafe_abstract.php on line 244

 

I searched this forum and found another user's related question on page 2, but the solution to change the file permissions to 0755 (or even 0777) does not work for me. I believe the contribution was installed correctly and I have tried a number of ways to eliminate this error. Could you please tell me how to resolve it? Thank you in advance for all your help.

osCommerce: made for programmers, ...because store owners do not want to be programmers.

https://trends.google.com/trends/explore?date=all&amp;geo=US&amp;q=oscommerce

Link to comment
Share on other sites

ok, so for one thing I realized that I initially created a password that was a few characters longer than the 8 required. However, this did not fix the issue of the Fatal Error I keep getting when trying to run filesafe. See below. Does anyone have a solution for this issue??

 

Fatal error: Uncaught exception 'RuntimeException' with message 'SplFileInfo::getMTime() [<a href='splfileinfo.getmtime'>splfileinfo.getmtime</a>]: stat failed for /home/content/86/8227986/html/stats/logs' in /home/content/86/8227986/html/includes/modules/kiss_filesafe/classes/kiss_filesafe_abstract.php:244 Stack trace: #0 /home/content/86/8227986/html/includes/modules/kiss_filesafe/classes/kiss_filesafe_abstract.php(244): SplFileInfo->getMTime() #1 /home/content/86/8227986/html/includes/modules/kiss_filesafe/classes/kiss_filesafe.php(99): Kiss_FileSafe_Abstract->iterate() #2 /home/content/86/8227986/html/filesafe.php(29): Kiss_FileSafe->run() #3 {main} thrown in /home/content/86/8227986/html/includes/modules/kiss_filesafe/classes/kiss_filesafe_abstract.php on line 244

osCommerce: made for programmers, ...because store owners do not want to be programmers.

https://trends.google.com/trends/explore?date=all&amp;geo=US&amp;q=oscommerce

Link to comment
Share on other sites

Sorry folks, ..no support for this contribution. I posted twice here and emailed Robert Fisher of FWR Media who developed FileSafe and got nothing. Not sure what happened but his last responce on this topic was on March 23rd of 2011.

 

Although what seems to be a pretty decent contribution, it is not working for me. And with no support, it has no value. Glad it works for some of you. I installed SiteMonitor and it works great! Good luck.

osCommerce: made for programmers, ...because store owners do not want to be programmers.

https://trends.google.com/trends/explore?date=all&amp;geo=US&amp;q=oscommerce

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...