
osCommerce

The e-commerce.

Over 40,000 redirects Site Down!


Logcbnfvr


Posted

I have over 40,600 permanent redirects in 13 days! It seems my html pages work but none of the oc php files will come up in IE. Firefox gives this error: "The redirection limit for this URL has been exceeded. Unable to load the requested page. This may be caused by cookies that are blocked."

I haven't added any redirects, something is terribly wrong.

Any ideas???

Log Cabin Fever Gifts

Posted

There is a file called redirect.php in osCommerce which is hackable.

There is no URL checking being performed on the redirection page, which allows external sources to use the page as an open redirect relay.

The new version of osCommerce MS2 fixes this vulnerability, so I suggest you download it from the downloads section at www.oscommerce.com. In the download you'll also find the instructions to apply the fixes individually. I don't know if this is the cause of your problem, but it won't harm to fix it and find out.

 

Vger

Posted

Thank you....I'll give it a shot right away!

Log Cabin Fever Gifts

Posted

Well, I did the fix on the redirect.php but I still can't get into my site. Does this mean the search engines have banned my site due to redirects?

Any other suggestions?

Log Cabin Fever Gifts

Posted

I think that the error is telling you that your hosts have blocked your osC site, because you've exceeded their maximum number of redirects. You should contact your hosts about this and find out if they have done this, and tell them that you have plugged the exploit.

 

Vger

Posted

I have sent word to my host, so now I will wait. Ipower can be such a pain but this did make me see a problem! Hope this works.

Thank you very much for your assistance!

Log Cabin Fever Gifts

Posted

redirect looping

Treasurer MFC

Posted

What do you mean by redirect looping (well it is kinda self explanatory, really. I get that it is going on and on) but how do I find it and fix it?

Thank you

Log Cabin Fever Gifts

Posted

I am sure that somewhere on your site a page is redirecting to itself.

Treasurer MFC

Posted

I am now up to 42,460 redirects... So there is still something wrong.

Any other ideas?

 

How do you find a loop and stop it?

Log Cabin Fever Gifts

Posted

check your logs

Treasurer MFC

Posted

LOL...Thank you for the info. I guess that would help someone that knew what they were doing. Unfortunately I do not. Looked at the logs, gee aren't they pretty, it's all gibberish to me.

But I do appreciate the response.

Log Cabin Fever Gifts

Posted

Would someone have a clue as to what I should be looking for in the logs? Or maybe which logs the problem could be located, the access logs or the error logs? I haven't changed anything on this site in a couple of months, other than add products, so I don't even know where to begin or what to look for. The only thing repeated in any logs seem to be a google file.

 

Rhea, do you have any other ideas?

 

Thank you for any assistance

Log Cabin Fever Gifts

Posted

I did finally get ahold of my host... they kindly directed me to their site design team that will gladly design a new site for me for $5,000.00.... Still LOL.

They totally disregarded my question of "do they have my site blocked due to the redirect issue and that I have tried to block the exploit." as Rhea suggested.

I tried to contact an oscommerce assistance provider too.. no response yet there...

I feel like I am beating my head against a wall but I'd probably "loop"...

Log Cabin Fever Gifts

Posted

sorry i can't help you (i keep clicking this topic to see if you've found a solution), but:

"I did finally get ahold of my host... they kindly directed me to their site design team that will gladly design a new site for me for $5,000.00"

that's outrageous!!! nice host you have. :lol:

 

unbelievable!

Posted

I know! I keep trying to take this lightly but really I could just cry. This site has been doing so well. If I had changed something I could understand a bit better. I'll be looking into a yahoo store or something first thing tomorrow. Thanks for checking in :-)

Log Cabin Fever Gifts

Posted

shops usually always break when left unattended, there's a lot of malicious people out there.

have you tried to restore your files from a backup? then any hacking that occurred could be done and over with... you'd just need to patch it (or find out how they got in)

the fact your host isn't very responsive about your security problem is a bit suspicious. perhaps they were hacked and somebody got into your site that way

Posted

if a redirect is looping you would see an enormous amount of requests to the same page in rapid sequence.

 

the whole concept of looping:

 

page A calls page A

 

so you would see a lot of entries like :

 

/GET page A

/GET page A

etc.

Treasurer MFC

Posted

Boxtel,

It is doing just as you say. But it looks like it is doing it for every page that is clicked in the categories box, not the html pages or the other boxes like information.

 

here's an example minus IP :

XXXXXXXX - - [14/Jan/2006:07:27:49 -0800] "GET /index.php?cPath=45 HTTP/1.1" 301 27317 "http://www.cabinfevergifts.com/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6"
XXXXXXXX - - [14/Jan/2006:07:27:49 -0800] "GET /index.php?cPath=45 HTTP/1.1" 301 27260 "http://www.cabinfevergifts.com/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6"

I get the same type thing for every category I try to go to.

So what page is having an issue for all the categories?

 

I do have a back up copy. It's just missing a lot of new products and stuff. I will give it a try later today if I can't figure out the redirect looping.

Log Cabin Fever Gifts
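
What the "check your logs" advice in this thread amounts to in practice, as an added example that is not part of the original posts: a Python script that reads Apache combined-format lines like the two quoted above, totals 3xx responses per script, and reports any client/URL pair answered with a redirect many times within a few seconds. The sample log lines, addresses, thresholds and function names are constructed for illustration.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Apache "combined" format: client, two ids, [timestamp], "request", status, size
LINE_RE = re.compile(
    r'^(\S+) \S+ \S+ \[([^\]]+)\] "[A-Z]+ (\S+) [^"]*" (\d{3}) \S+')

def parse(line):
    """Return (client, time, url, status), or None if the line does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    return m.group(1), ts, m.group(3), int(m.group(4))

def redirect_totals(lines):
    """Count 3xx responses per script (query string dropped)."""
    recs = filter(None, map(parse, lines))
    return Counter(url.split("?")[0] for _, _, url, st in recs if 300 <= st < 400)

def find_redirect_loops(lines, min_hits=5, window=timedelta(seconds=10)):
    """Map (client, url) -> largest number of 3xx answers inside one window,
    for pairs reaching min_hits: the "page A calls page A" pattern."""
    hits = defaultdict(list)
    for client, ts, url, status in filter(None, map(parse, lines)):
        if 300 <= status < 400:
            hits[(client, url)].append(ts)
    loops = {}
    for key, times in hits.items():
        times.sort()
        start = best = 0
        for end, t in enumerate(times):
            while t - times[start] > window:  # shrink window from the left
                start += 1
            best = max(best, end - start + 1)
        if best >= min_hits:
            loops[key] = best
    return loops

def sample_log():
    """Constructed sample: one looping client, two ordinary requests, one junk line."""
    fmt = '%s - - [14/Jan/2006:07:%s -0800] "GET %s HTTP/1.1" %d 300 "-" "Mozilla/5.0"'
    loop = [fmt % ("192.0.2.10", "27:%02d" % (49 + i // 10), "/index.php?cPath=45", 301)
            for i in range(20)]
    return loop + [fmt % ("192.0.2.20", "28:01", "/about.html", 200),
                   fmt % ("192.0.2.20", "28:05", "/redirect.php", 302),
                   "not a log line"]

if __name__ == "__main__":
    print(redirect_totals(sample_log()).most_common())
    print(find_redirect_loops(sample_log()))
```

A script that dominates the totals but shows no per-client burst points at many different visitors being redirected, while a burst for one client and URL is the loop described in this thread.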

Posted

if it happens on all pages, first check htaccess files for redirects then application_top.php.

Treasurer MFC

Posted

seo url's uses htaccess redirects.

Treasurer MFC

Posted

Question... I put this code into my htaccess (long time ago) to prevent these sites from hitting mine.

Options +FollowSymlinks
RewriteEngine on

RewriteCond %{HTTP_REFERER} poker
RewriteRule .* - [F]

I have several, that's just one. It does stop them but could this be causing the issue?

Log Cabin Fever Gifts

Posted

In my application_top I have the SEO redirect, that has been there for a long time as well.

# include the redirect code
include('includes/seo_redirect.php');

Other than that I don't see any.

Log Cabin Fever Gifts

Posted

Looks like this has something to do with your "down for maintenance" contribution:

curl -v http://www.cabinfevergifts.com/
* About to connect() to www.cabinfevergifts.com port 80
*   Trying 66.235.211.48... * connected
* Connected to www.cabinfevergifts.com (66.235.211.48) port 80
> GET / HTTP/1.1
User-Agent: curl/7.13.1 (powerpc-apple-darwin8.0) libcurl/7.13.1 OpenSSL/0.9.7i zlib/1.2.3
Host: www.cabinfevergifts.com
Pragma: no-cache
Accept: */*

< HTTP/1.1 307 Temporary Redirect
< Date: Sat, 14 Jan 2006 20:24:21 GMT
< Server: Apache/1.3.33 (Unix) mod_log_bytes/0.3 FrontPage/5.0.2.2635 PHP/4.3.11 mod_ssl/2.8.22 OpenSSL/0.9.7d
< Vary: User-Agent
< X-Powered-By: PHP/4.3.11
< Set-Cookie: osCsid=21de2a48848230536cf3465c9df04130; path=/; domain=www.cabinfevergifts.com
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Location: http://www.cabinfevergifts.com/down_for_maintenance.php?osCsid=21de2a48848230536cf3465c9df04130
< Connection: close
< Transfer-Encoding: chunked
< Content-Type: text/html
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html dir="LTR" lang="en">
<head> 
 <title>Log Cabin Decor & Cabin Gifts</title>
 <META NAME="Description" Content="Log cabin decor and cabin themed gifts for hunters, fisherman and outdoor entusiasts.">
 <META NAME="Keywords" CONTENT="cabin decor, log cabin decor, log cabin gifts, fishing gifts, black bear gifts, hunting gifts">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<!-- EOF: Generated Meta Tags -->
<meta name="revisit-after" content="3">
<meta name="classification" content="Gifts, Decor">
<meta name="robots" content="index, follow">
<meta name="rating" content="General">
<meta name="copyright" content="cabinfevergifts.com 2005">
<meta name="author" content="CabinFeverGifts">
<meta name="netinsert" content="840.0.1.12.20.1">

<base href="http://www.cabinfevergifts.com/">
<link rel="stylesheet" type="text/css" href="stylesheet.css">

</head> etcetera

Posted

I put that up because of the problem, so it isn't the original cause (though it is doing it now!) I just didn't want my customers to be discouraged with my site not functioning properly.

Thank you !!!!

Log Cabin Fever Gifts

Archived

This topic is now archived and is closed to further replies.
