
Archived

This topic is now archived and is closed to further replies.

Mort-lemur

Installed X Sell - Now Strange Errors - HELP!

18 posts in this topic

Hi,

 

I have installed X Sell 2.7.2 and found that when I accessed X Sell from my Admin, it caused my IP to be added to my IP trap on my catalog side. I narrowed this down to this line at the end of my .htaccess file where I route 403 errors into the IP trap:

 

ErrorDocument 403 /a folder/index.php

 

When I remove this code X Sell does not ban me.

 

However, I found the following entries in my error log for when I was banned:

 

[sun Sep 26 20:40:15 2010] [error] [client 88.106.40....] client denied by server configuration: /home/user/public_html/images/default.html, referer: https://www.mysite.co.uk/myadmin/xsell.php

 

[sun Sep 26 20:40:15 2010] [error] [client 88.106.40....] client denied by server configuration: /home/user/public_html/images/index.phtml, referer: https://www.mysite.co.uk/myadmin/xsell.php

 

[sun Sep 26 20:40:15 2010] [error] [client 88.106.40....] client denied by server configuration: /home/user/public_html/images/index.php, referer: https://www.mysite.co.uk/myadmin/xsell.php

 

[sun Sep 26 20:40:15 2010] [error] [client 88.106.40....] client denied by server configuration: /home/oser/public_html/images/index.php3, referer: https://www.mysite.co.uk/myadmin/xsell.php

 

There are more entries like this - it is as though X_Sell.php is sniffing for a file in the images folder, although I cannot see this in the X Sell Code.

 

What is going on here?

 

Thanks


Hi again,

 

Could the above be caused by this line of code in the admin/xsell.php file:

 

<td class="dataTableContent" align="center"> <?php echo ((is_file(DIR_FS_CATALOG_IMAGES . '/'.$products['products_image'])) ?  tep_image(DIR_WS_CATALOG_IMAGES . '/'.$products['products_image'], "", 

 

Is this causing a search for all versions of index.xx in the images folder which leads to a ban?

 

Thanks


Ok,

 

Feeling a bit more relaxed now - I don't now think this is a hack attempt...

 

Checked the site and no unusual files, sitemonitor is not showing anything unusual, virus scan of all files is OK, and no strange code on page source.

 

So all I can assume is that the '/' in the code line above is causing a search of the images directory to look for a landing page, which leads to an IP ban.

 

Would I be correct in assuming this?

 

Thanks


Try changing that particular line of code to;

 

<td class="dataTableContent" align="center"> <?php echo tep_not_null($products['products_image']) ? tep_image(DIR_WS_CATALOG_IMAGES . '/' . $products['products_image'],  $products['products_name'], SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT) : TEXT_NONE; ?> </td>

 

See if the error is still occurring.


Hi Gary,

 

Thanks for the code, tried it - but it still takes me directly to the IP trap with the same errors in the error log.

 

Thanks


In that case it is a problem with its roots elsewhere.


Very Strange then.

 

What sort of code in a file would cause attempts of the images folder for the following file names: home.html + Default.html + index.php5 + default.html + index.phtml + index.php + index.php3 + index.php4 + index.cgi + index.pl + index.shtml + index.html? What should I be looking for? I could post the whole xsell.php file - but it is 407 lines long.

 

I have this code in a .htaccess in my images folder as well, which may be blocking these as well:

 

# $Id$
#
# This is used to restrict access to this folder to anything other
# than images

# Prevents any script files from being accessed from the images folder
<FilesMatch "\.(php([0-9]|s)?|s?p?html|cgi|pl|exe)$">
  Order Deny,Allow
  Deny from all
</FilesMatch>

 

I'm completely baffled now.

 

Thanks

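As an added example (not part of the original posts, and not X Sell or osCommerce code), this Python script checks each file name listed in the post above against the FilesMatch pattern from the images .htaccess and groups "client denied" log entries by client, timestamp and referer. The log sample is constructed from the lines quoted in the thread, with a placeholder client address; product.jpg is a hypothetical image name.

```python
import re
from collections import defaultdict

# Pattern copied from the <FilesMatch> rule in the images/.htaccess quoted in the thread.
FILESMATCH = re.compile(r"\.(php([0-9]|s)?|s?p?html|cgi|pl|exe)$")

# File names the poster reports being requested in the images folder.
PROBED = ["home.html", "Default.html", "index.php5", "default.html",
          "index.phtml", "index.php", "index.php3", "index.php4",
          "index.cgi", "index.pl", "index.shtml", "index.html"]

# Constructed sample modelled on the thread's log lines; the client address
# is a documentation placeholder (192.0.2.0/24), not the poster's IP.
_FMT = ("[Sun Sep 26 20:40:15 2010] [error] [client 192.0.2.10] client denied by "
        "server configuration: /home/user/public_html/images/{}, "
        "referer: https://www.mysite.co.uk/myadmin/xsell.php")
SAMPLE_LOG = "\n".join(_FMT.format(n) for n in
                       ["default.html", "index.phtml", "index.php", "index.php3"])

LINE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[error\] \[client (?P<client>[^\]]+)\] "
    r"client denied by server configuration: (?P<path>[^,]+)"
    r"(?:, referer: (?P<referer>\S+))?$")

def denied_by_rule(name):
    """True if the images/.htaccess rule refuses this file name with a 403."""
    return FILESMATCH.search(name) is not None

def group_denials(log_text):
    """Map (client, timestamp, referer) -> denied file names, in log order."""
    groups = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if m:
            groups[(m["client"], m["ts"], m["referer"])].append(
                m["path"].rsplit("/", 1)[-1])
    return dict(groups)

def index_probe_bursts(log_text, min_files=3):
    """Groups where one referring page drew several rule-denied names in one second."""
    return {key: names for key, names in group_denials(log_text).items()
            if len(names) >= min_files and all(denied_by_rule(n) for n in names)}

if __name__ == "__main__":
    for name in PROBED + ["product.jpg"]:  # product.jpg is a hypothetical image name
        print(f"{name:14} denied={denied_by_rule(name)}")
    for (client, ts, referer), names in index_probe_bursts(SAMPLE_LOG).items():
        print(f"{client} {ts} via {referer}: {names}")
```

Every listed name matches the pattern, so each request is refused with a 403, which the ErrorDocument 403 line then routes to the IP trap. A burst of such names from one admin page in the same second is consistent with a request for the images/ directory itself being resolved against the server's index-file list, which is an assumption the thread does not confirm.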

Can you go to your usual admin / categories page and go to edit a product.

 

Check the log and see if this causes an error.


Hi Gary,

 

No errors - I can edit the products without being banned and without any error logs being generated.

 

Thanks


How about the same thing, but this time using a product without an image.


Ok,

 

Found a product with no image - edited it in admin = Banned + Errors as above recorded.

 

What is the problem, do you think?

 

Thanks


OK,

 

I have now made sure that all my products have an image - even the inactive ones.

 

Now I don't get banned by the IP trap and no errors are generated when using X Sell - I would still like to know what causes this if anyone knows.

 

Many Thanks


When any script looks for a non-existent file, the banning script is initiated...

 

So...that's where you have to look. Why would a non existent file initiate the script?


Ok,

 

Well, when the image file is non-existent then it starts to look for a "landing" file within the images folder, be it index.html, index.php etc etc, so when that happens the images .htaccess prevents those types of files being run, so it directs to the banning script. ???

 

However, what initiates the programme to look for the landing page? And to try all the variations of index or home files as I posted above?

 

Thanks


@Mort-lemur

 

I have the same probs...

and that solved the issue

Have u found the reason?

 

I just want to understand in which part of the script I have to look

 

I use

osC_Sec_5.0.3

KISS_FileSafe_version_1.0_r12

Security Pro 2.0 ( r7 )_1

 

And where I have to look to define a landing page?

 

Ty
