Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

osCommerce VTS


Guest

Recommended Posts

thank you, i didn't saw.

Now i have another problem

 

Fatal error: Call to undefined function: ftp_chmod() in /public_html/catalog/admin/AV/ocVTS.php on line 234

What php version are you running your site on?

Link to comment
Share on other sites

Hi

 

Hopefully this is the right place to ask a question about VTS and get some clarification with the installion.

 

My knowledge is very limited - as you will be able to tell from my basic questions!!!

 

1. With regard to the config.php file, is the commenting out below correct for leaving the scan in the 'on' position. Or do I need to comment out the line above as well?

 

// DEBUG MODE

// ----------

// Uncomment this option to enable 'debug' mode

// You will receive verbose reports including clean & infected

// files, as well as debug information for file reading and

// database connections.

// Default: Off (0)

 

// $CONFIG['debug'] = 0; // OFF

$CONFIG['debug'] = 1; // ON

 

2. How do I proceed with a scan, and where would I see the results? Can I alter/adjust when to scan?

 

Again, I appreciate any help that you can give.

 

Ben

Link to comment
Share on other sites

1. With regard to the config.php file, is the commenting out below correct for leaving the scan in the 'on' position. Or do I need to comment out the line above as well?

 

// DEBUG MODE

// ----------

// Uncomment this option to enable 'debug' mode

// You will receive verbose reports including clean & infected

// files, as well as debug information for file reading and

// database connections.

// Default: Off (0)

 

// $CONFIG['debug'] = 0; // OFF

$CONFIG['debug'] = 1; // ON

This is for debug mode only. Use this:

$CONFIG['debug'] = 0; // OFF

 

2. How do I proceed with a scan, and where would I see the results? Can I alter/adjust when to scan?

 

Have you installed ocVTS as described in the install.txt file? :

 

-------------------------------------------------------------------------------------------------

INSTALL: (remember BACKUP!)

* make new folder 'AV' in catalog/admin

 

* Edit config.php to your needs

 

* Edit whitespace.php to your needs

 

* Copy files in package:

index.php - config.php - ocVTS.php - ocVTSa.php - whitespace.php - grep.php - virus.def - files.def

to catalog/admin/AV

 

* CHMOD all files 755 or lower

 

* in catalog/admin/includes/header.php

- find:

</td>

<td class="headerBarContent" align="right"><?php echo (tep_session_is_registered('admin') ? 'Logged in as: ' . $admin['username'] . ' (<a href="' . tep_href_link(FILENAME_LOGIN, 'action=logoff') . '" class="headerLink">Logoff</a>)' : ''); ?>  </td>

 

- add above:

<!--osCommerce Virus & Threat Scan -->

<?php

echo ' | <a href="AV/' . 'index.php" class="headerLink">' . 'Virus & Threat Scan';

?>

<!--osCommerce Virus & Threat Scan -->

---------------------------------------------------------------------------------------------------------

 

If you have, then you should have a menu choice on the top line in admin: "Virus & Threat Scan"

Click on that menu choice and you will get a new page where you can choose what to do..

Link to comment
Share on other sites

hello

i have the latest version but, still have the

Notice: Undefined variable: flagThreat

i do not have the file manager

also i tried clean up and remove it from filenames.php but that created more error about it not being defined.

and i have these errors in grep.php

Notice: Use of undefined constant SERVER_SOFTWARE - assumed 'SERVER_SOFTWARE' in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 53

Notice: Use of undefined constant path - assumed 'path' in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 55

Notice: Undefined index: path in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 55

Notice: Use of undefined constant q - assumed 'q' in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 56

Notice: Undefined index: q in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 56

Notice: Undefined variable: txt1 in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 91

Notice: Undefined variable: results in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 92

Notice: Undefined variable: txt3 in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 93

Notice: Undefined variable: txt2 in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 94

Edited by tedbooks
Link to comment
Share on other sites

hello

i have the latest version but, still have the

Notice: Undefined variable: flagThreat

i do not have the file manager

also i tried clean up and remove it from filenames.php but that created more error about it not being defined.

and i have these errors in grep.php

 

Sorry! All of this should be fixed in next release..

Link to comment
Share on other sites

A new version has been uploaded.

 

Whats new:

* Updated virus.def and files.def

* Added a new procedure to check for file_manager

* Fixed some minor bugs about the notice message

* Fixed a undefined variable bug

* Fixed a bug with whitespace removing, made checking for php version

 

Have fun!

Link to comment
Share on other sites

thank you. great work.

all the problems that i was having is solved.

it might be very presumptuous of me but i have two suggestion

i do not have any idea how had or easy it is going to be but if you could add a replace to the grep.php

so once the keyword is found it can replace it.

also if it is possible to use application_top.php

i have my admin area require login and that would put these files behind the login

Link to comment
Share on other sites

Thanks for the contribution. It was working great. Now I am facing a problem. I recently the SiteMonitor contribution (http://www.oscommerce.com/community/contributions,4441). When I try to go into the sitemonitor configuration in the shop's admin panel, my IP is banned in the htaccess file. I see this error:

 

Forbidden!
403 Permission Denied


Your IP is banned or file is forbidden
You do not have permission for this request

Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted

   * This value may indicate an attempt to compromise our server security, such as a cross-site scripting attack.
   * Please do not be alarmed: it is possible the suspected attempt was triggered innocently.
   * Additionally, we will log your IP address, your request, and the date and time. This information is recorded for security purposes only.
   * These disclosures may also be needed for data privacy or to investigate or respond to a complaint or security threat.

We do not claim any ownership of the content collected. This is done for purposes such as diagnosing service or technical problems, and maintaining server security.

Link to comment
Share on other sites

thank you. great work.

all the problems that i was having is solved.

Glad to hear it works thumbsup.gif

 

it might be very presumptuous of me but i have two suggestion

i do not have any idea how had or easy it is going to be but if you could add a replace to the grep.php

so once the keyword is found it can replace it.

I dont think I would do that with ocVTS, but you can use this program for that.

 

also if it is possible to use application_top.php

i have my admin area require login and that would put these files behind the login

 

ocVTS is for admin use and not for users, that's why it is placed inside admin. (If I understand your question right?)

Link to comment
Share on other sites

Thanks for the contribution. It was working great. Now I am facing a problem. I recently the SiteMonitor contribution (http://www.oscommerce.com/community/contributions,4441). When I try to go into the sitemonitor configuration in the shop's admin panel, my IP is banned in the htaccess file. I see this error:

 

Forbidden!
403 Permission Denied
Your IP is banned or file is forbidden
You do not have permission for this request

I do not know what addons you are using that is reporting this, but it is not ocVTS.

I'm sorry, but I cant help you with this..

Link to comment
Share on other sites

This is for debug mode only. Use this:

$CONFIG['debug'] = 0; // OFF

 

 

 

Have you installed ocVTS as described in the install.txt file? :

 

-------------------------------------------------------------------------------------------------

INSTALL: (remember BACKUP!)

* make new folder 'AV' in catalog/admin

 

* Edit config.php to your needs

 

* Edit whitespace.php to your needs

 

* Copy files in package:

index.php - config.php - ocVTS.php - ocVTSa.php - whitespace.php - grep.php - virus.def - files.def

to catalog/admin/AV

 

* CHMOD all files 755 or lower

 

* in catalog/admin/includes/header.php

- find:

</td>

<td class="headerBarContent" align="right"><?php echo (tep_session_is_registered('admin') ? 'Logged in as: ' . $admin['username'] . ' (<a href="' . tep_href_link(FILENAME_LOGIN, 'action=logoff') . '" class="headerLink">Logoff</a>)' : ''); ?>  </td>

 

- add above:

<!--osCommerce Virus & Threat Scan -->

<?php

echo ' | <a href="AV/' . 'index.php" class="headerLink">' . 'Virus & Threat Scan';

?>

<!--osCommerce Virus & Threat Scan -->

---------------------------------------------------------------------------------------------------------

 

If you have, then you should have a menu choice on the top line in admin: "Virus & Threat Scan"

Click on that menu choice and you will get a new page where you can choose what to do..

 

Thank you for your reply.

 

I have installed all the files in accordance with your instructions including the ocVTS file but can not see any reference to "Virus & Threat Scan" in Admin.

 

I do not have public_html/catalog/admin but do have public_html/admin; is it because of this? do I need to make other changes?

 

I would appreciate any help you can give.

 

Regards

Link to comment
Share on other sites

Thank you for your reply.

 

I have installed all the files in accordance with your instructions including the ocVTS file but can not see any reference to "Virus & Threat Scan" in Admin.

 

Can you list here your admin/includes/header.php file..

Link to comment
Share on other sites

Hi Sijo,

 

I have managed to install this correctly and all seems to be working fine, except when I try run ocVTS - Scan your site using 'virus.def' and 'files.def' files. I recieve a cannot connect message. If I switch debug mod to on i recieve

 

Loaded 281 virus definitions

Loaded 22 files definitions

Could not connect

 

I'm assuming that I have a setting wrong some where. My root isn't in public_htm but in htdocs, is that correct?

 

My settings in whitespace.php is:

 

$ftp_site = 'www.mywebsite.co.uk'; // your ftp site

$ftp_usr = 'mywebsite.co.uk'; // your ftp username

$ftp_pwd = 'password'; // your ftp password

$ftp_root = 'htdocs'; // your ftp site root folder

 

Other than that everything else works.

Tony

Link to comment
Share on other sites

I'm assuming that I have a setting wrong some where. My root isn't in public_htm but in htdocs, is that correct?

 

My settings in whitespace.php is:

 

$ftp_site = 'www.mywebsite.co.uk'; // your ftp site

$ftp_usr = 'mywebsite.co.uk'; // your ftp username

$ftp_pwd = 'password'; // your ftp password

$ftp_root = 'htdocs'; // your ftp site root folder

 

The problem has to do with whitespace checking. Try to turn this off in whitespace.php :

// check for leading & trailing whitespace:
//$chk_ws = true;  // ON
$chk_ws = false;  // OFF

// remove leading & trailing whitespace if found (if set to true, $chk_ws also need to be true!):
//$rmv_ws = true;  // ON
$rmv_ws = false;  // OFF

 

When you run ocVTS it will list your 'Scan root:' near the top. What does it say?

 

$ftp_site, $ftp_usr and $ftp_pwd should be the same as when you FTP (upload) files to your site.

Link to comment
Share on other sites

Hi

 

My website has been hacked and I have found a number of infected files thanks to VTS.

 

I do have an issue though. I am not able to load my website using on Internet Explorer browser, my Kaspersky virus check comes up with a 'Access Denied' message and indicates my website is infected by HEUR:Trojan.Script.Iframer

 

On Chrome and Firefox there is no message and the website loads OK

 

I have read about false positives when using Kaspersky. Is there any guidance you can give me on how to proceed.

 

Many thanks.

Edited by benjaming
Link to comment
Share on other sites

My website has been hacked and I have found a number of infected files thanks to VTS.

 

I do have an issue though. I am not able to load my website using on Internet Explorer browser, my Kaspersky virus check comes up with a 'Access Denied' message and indicates my website is infected by HEUR:Trojan.Script.Iframer

 

On Chrome and Firefox there is no message and the website loads OK

 

I have read about false positives when using Kaspersky. Is there any guidance you can give me on how to proceed.

 

Do you have a link to your site I could try?

You could replace all infected files with safe ones, but:

The best way is to clean your site and then upload it from a safe backup.

Read the How to secure your site to be sure you have done what's needed to have a secure site..

Link to comment
Share on other sites

Hello Sijo, I've instaled VTS on my website since I got flaged by Google, i installed it successfully. I found many files infected so After I cleaned it up and reload my back up files to server. I have re-installed VTS again. But when I run OcVTS here is the message:

 

Loaded 281 virus definitions

 

Loaded 22 files definitions

 

Scan Completed

 

osCommerce Virus & Threat Scan v1.0.8

 

 

Scan root: /shop

 

Threats Definitions: 281

 

Files Definitions: 22

 

Scanned folders: 1

 

Scanned files: 0

 

Possible Infected files: 0

 

Possible Threat files: 0

 

Whitespace found: 0

 

 

Scanning folder /shop ...

 

 

 

Then After I run OcVTSa , I got this:

 

osCommerce VTSa v1.0.8

Directory depth set to 100

Directory root: /shop

 

 

 

Warning: opendir(/shop) [function.opendir]: failed to open dir: No such file or directory in /home/xvzhxrwy/public_html/shop/admin/AV/ocVTSa.php on line 255

 

 

Files checked: 0

Files suspected: 0

Files infected: 0

Files cleaned: 0

Clean errors: 0

Clean warnings: 0

 

 

What Did I do wrong in Installation process?

Link to comment
Share on other sites

Warning: opendir(/shop) [function.opendir]: failed to open dir: No such file or directory in /home/xvzhxrwy/public_html/shop/admin/AV/ocVTSa.php on line 255

 

 

Files checked: 0

Files suspected: 0

Files infected: 0

Files cleaned: 0

Clean errors: 0

Clean warnings: 0

 

 

What Did I do wrong in Installation process?

 

What do you have in config.php for this? :

$CONFIG['scanpath'] =

Link to comment
Share on other sites

What do you have in config.php for this? :

$CONFIG['scanpath'] =

 

Here What I have:

 

$CONFIG['scanpath'] = $_SERVER['public_html']."/shop";

 

Should I replace 'public_html' ? My document root is /home/username/public_html/shop/

 

Is the result from OcVTSa Scan, means everything OK? Please guid me.

Edited by suwandana
Link to comment
Share on other sites

Here What I have:

 

$CONFIG['scanpath'] = $_SERVER['public_html']."/shop";

 

Should I replace 'public_html' ? My document root is /home/username/public_html/shop/

 

Is the result from OcVTSa Scan, means everything OK? Please guid me.

 

If you want to scan from /shop then use:

$CONFIG['scanpath'] = $_SERVER['DOCUMENT_ROOT']."/shop";

 

If you want to scan from your site root, then use:

$CONFIG['scanpath'] = $_SERVER['DOCUMENT_ROOT'];

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...