Guest Posted September 17, 2010 Share Posted September 17, 2010 thank you, i didn't saw. Now i have another problem Fatal error: Call to undefined function: ftp_chmod() in /public_html/catalog/admin/AV/ocVTS.php on line 234 What php version are you running your site on? Quote Link to comment Share on other sites More sharing options...
pac_indahood Posted September 20, 2010 Share Posted September 20, 2010 PHP Version: 4.4.8 Quote Link to comment Share on other sites More sharing options...
Guest Posted September 20, 2010 Share Posted September 20, 2010 PHP Version: 4.4.8 That's what i thought, php version 4 does not use ftp_chmod() but chmod.. This will be fixed in the next release where ocVTS will check for php version.. Quote Link to comment Share on other sites More sharing options...
Guest Posted September 25, 2010 Share Posted September 25, 2010 Hi Hopefully this is the right place to ask a question about VTS and get some clarification with the installion. My knowledge is very limited - as you will be able to tell from my basic questions!!! 1. With regard to the config.php file, is the commenting out below correct for leaving the scan in the 'on' position. Or do I need to comment out the line above as well? // DEBUG MODE // ---------- // Uncomment this option to enable 'debug' mode // You will receive verbose reports including clean & infected // files, as well as debug information for file reading and // database connections. // Default: Off (0) // $CONFIG['debug'] = 0; // OFF $CONFIG['debug'] = 1; // ON 2. How do I proceed with a scan, and where would I see the results? Can I alter/adjust when to scan? Again, I appreciate any help that you can give. Ben Quote Link to comment Share on other sites More sharing options...
Guest Posted September 25, 2010 Share Posted September 25, 2010 1. With regard to the config.php file, is the commenting out below correct for leaving the scan in the 'on' position. Or do I need to comment out the line above as well? // DEBUG MODE // ---------- // Uncomment this option to enable 'debug' mode // You will receive verbose reports including clean & infected // files, as well as debug information for file reading and // database connections. // Default: Off (0) // $CONFIG['debug'] = 0; // OFF $CONFIG['debug'] = 1; // ON This is for debug mode only. Use this: $CONFIG['debug'] = 0; // OFF 2. How do I proceed with a scan, and where would I see the results? Can I alter/adjust when to scan? Have you installed ocVTS as described in the install.txt file? : ------------------------------------------------------------------------------------------------- INSTALL: (remember BACKUP!) * make new folder 'AV' in catalog/admin * Edit config.php to your needs * Edit whitespace.php to your needs * Copy files in package: index.php - config.php - ocVTS.php - ocVTSa.php - whitespace.php - grep.php - virus.def - files.def to catalog/admin/AV * CHMOD all files 755 or lower * in catalog/admin/includes/header.php - find: </td> <td class="headerBarContent" align="right"><?php echo (tep_session_is_registered('admin') ? 'Logged in as: ' . $admin['username'] . ' (<a href="' . tep_href_link(FILENAME_LOGIN, 'action=logoff') . '" class="headerLink">Logoff</a>)' : ''); ?> </td> - add above: <!--osCommerce Virus & Threat Scan --> <?php echo ' | <a href="AV/' . 'index.php" class="headerLink">' . 'Virus & Threat Scan'; ?> <!--osCommerce Virus & Threat Scan --> --------------------------------------------------------------------------------------------------------- If you have, then you should have a menu choice on the top line in admin: "Virus & Threat Scan" Click on that menu choice and you will get a new page where you can choose what to do.. Quote Link to comment Share on other sites More sharing options...
tedbooks Posted September 25, 2010 Share Posted September 25, 2010 (edited) hello i have the latest version but, still have the Notice: Undefined variable: flagThreat i do not have the file manager also i tried clean up and remove it from filenames.php but that created more error about it not being defined. and i have these errors in grep.php Notice: Use of undefined constant SERVER_SOFTWARE - assumed 'SERVER_SOFTWARE' in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 53 Notice: Use of undefined constant path - assumed 'path' in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 55 Notice: Undefined index: path in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 55 Notice: Use of undefined constant q - assumed 'q' in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 56 Notice: Undefined index: q in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 56 Notice: Undefined variable: txt1 in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 91 Notice: Undefined variable: results in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 92 Notice: Undefined variable: txt3 in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 93 Notice: Undefined variable: txt2 in /var/www/vhosts/xxxxxxxxxx.com/httpdocs/admin/AV/grep.php on line 94 Edited September 25, 2010 by tedbooks Quote Link to comment Share on other sites More sharing options...
Guest Posted September 25, 2010 Share Posted September 25, 2010 hello i have the latest version but, still have the Notice: Undefined variable: flagThreat i do not have the file manager also i tried clean up and remove it from filenames.php but that created more error about it not being defined. and i have these errors in grep.php Sorry! All of this should be fixed in next release.. Quote Link to comment Share on other sites More sharing options...
Guest Posted September 26, 2010 Share Posted September 26, 2010 A new version has been uploaded. Whats new: * Updated virus.def and files.def * Added a new procedure to check for file_manager * Fixed some minor bugs about the notice message * Fixed a undefined variable bug * Fixed a bug with whitespace removing, made checking for php version Have fun! tedbooks 1 Quote Link to comment Share on other sites More sharing options...
tedbooks Posted September 27, 2010 Share Posted September 27, 2010 thank you. great work. all the problems that i was having is solved. it might be very presumptuous of me but i have two suggestion i do not have any idea how had or easy it is going to be but if you could add a replace to the grep.php so once the keyword is found it can replace it. also if it is possible to use application_top.php i have my admin area require login and that would put these files behind the login Quote Link to comment Share on other sites More sharing options...
Guest Posted September 27, 2010 Share Posted September 27, 2010 Thanks for the contribution. It was working great. Now I am facing a problem. I recently the SiteMonitor contribution (http://www.oscommerce.com/community/contributions,4441). When I try to go into the sitemonitor configuration in the shop's admin panel, my IP is banned in the htaccess file. I see this error: Forbidden! 403 Permission Denied Your IP is banned or file is forbidden You do not have permission for this request Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted * This value may indicate an attempt to compromise our server security, such as a cross-site scripting attack. * Please do not be alarmed: it is possible the suspected attempt was triggered innocently. * Additionally, we will log your IP address, your request, and the date and time. This information is recorded for security purposes only. * These disclosures may also be needed for data privacy or to investigate or respond to a complaint or security threat. We do not claim any ownership of the content collected. This is done for purposes such as diagnosing service or technical problems, and maintaining server security. Quote Link to comment Share on other sites More sharing options...
Guest Posted September 27, 2010 Share Posted September 27, 2010 thank you. great work. all the problems that i was having is solved. Glad to hear it works it might be very presumptuous of me but i have two suggestion i do not have any idea how had or easy it is going to be but if you could add a replace to the grep.php so once the keyword is found it can replace it. I dont think I would do that with ocVTS, but you can use this program for that. also if it is possible to use application_top.php i have my admin area require login and that would put these files behind the login ocVTS is for admin use and not for users, that's why it is placed inside admin. (If I understand your question right?) Quote Link to comment Share on other sites More sharing options...
Guest Posted September 27, 2010 Share Posted September 27, 2010 Thanks for the contribution. It was working great. Now I am facing a problem. I recently the SiteMonitor contribution (http://www.oscommerce.com/community/contributions,4441). When I try to go into the sitemonitor configuration in the shop's admin panel, my IP is banned in the htaccess file. I see this error: Forbidden! 403 Permission Denied Your IP is banned or file is forbidden You do not have permission for this request I do not know what addons you are using that is reporting this, but it is not ocVTS. I'm sorry, but I cant help you with this.. Quote Link to comment Share on other sites More sharing options...
Guest Posted September 27, 2010 Share Posted September 27, 2010 This is for debug mode only. Use this: $CONFIG['debug'] = 0; // OFF Have you installed ocVTS as described in the install.txt file? : ------------------------------------------------------------------------------------------------- INSTALL: (remember BACKUP!) * make new folder 'AV' in catalog/admin * Edit config.php to your needs * Edit whitespace.php to your needs * Copy files in package: index.php - config.php - ocVTS.php - ocVTSa.php - whitespace.php - grep.php - virus.def - files.def to catalog/admin/AV * CHMOD all files 755 or lower * in catalog/admin/includes/header.php - find: </td> <td class="headerBarContent" align="right"><?php echo (tep_session_is_registered('admin') ? 'Logged in as: ' . $admin['username'] . ' (<a href="' . tep_href_link(FILENAME_LOGIN, 'action=logoff') . '" class="headerLink">Logoff</a>)' : ''); ?> </td> - add above: <!--osCommerce Virus & Threat Scan --> <?php echo ' | <a href="AV/' . 'index.php" class="headerLink">' . 'Virus & Threat Scan'; ?> <!--osCommerce Virus & Threat Scan --> --------------------------------------------------------------------------------------------------------- If you have, then you should have a menu choice on the top line in admin: "Virus & Threat Scan" Click on that menu choice and you will get a new page where you can choose what to do.. Thank you for your reply. I have installed all the files in accordance with your instructions including the ocVTS file but can not see any reference to "Virus & Threat Scan" in Admin. I do not have public_html/catalog/admin but do have public_html/admin; is it because of this? do I need to make other changes? I would appreciate any help you can give. Regards Quote Link to comment Share on other sites More sharing options...
Guest Posted September 27, 2010 Share Posted September 27, 2010 Thank you for your reply. I have installed all the files in accordance with your instructions including the ocVTS file but can not see any reference to "Virus & Threat Scan" in Admin. Can you list here your admin/includes/header.php file.. Quote Link to comment Share on other sites More sharing options...
Guest Posted September 27, 2010 Share Posted September 27, 2010 Can you list here your admin/includes/header.php file.. Thanks for getting back to me. It is all working fine. I appreciate your support. Regards. Quote Link to comment Share on other sites More sharing options...
Guest Posted September 28, 2010 Share Posted September 28, 2010 Hi Sijo, I have managed to install this correctly and all seems to be working fine, except when I try run ocVTS - Scan your site using 'virus.def' and 'files.def' files. I recieve a cannot connect message. If I switch debug mod to on i recieve Loaded 281 virus definitions Loaded 22 files definitions Could not connect I'm assuming that I have a setting wrong some where. My root isn't in public_htm but in htdocs, is that correct? My settings in whitespace.php is: $ftp_site = 'www.mywebsite.co.uk'; // your ftp site $ftp_usr = 'mywebsite.co.uk'; // your ftp username $ftp_pwd = 'password'; // your ftp password $ftp_root = 'htdocs'; // your ftp site root folder Other than that everything else works. Tony Quote Link to comment Share on other sites More sharing options...
Guest Posted September 28, 2010 Share Posted September 28, 2010 I'm assuming that I have a setting wrong some where. My root isn't in public_htm but in htdocs, is that correct? My settings in whitespace.php is: $ftp_site = 'www.mywebsite.co.uk'; // your ftp site $ftp_usr = 'mywebsite.co.uk'; // your ftp username $ftp_pwd = 'password'; // your ftp password $ftp_root = 'htdocs'; // your ftp site root folder The problem has to do with whitespace checking. Try to turn this off in whitespace.php : // check for leading & trailing whitespace: //$chk_ws = true; // ON $chk_ws = false; // OFF // remove leading & trailing whitespace if found (if set to true, $chk_ws also need to be true!): //$rmv_ws = true; // ON $rmv_ws = false; // OFF When you run ocVTS it will list your 'Scan root:' near the top. What does it say? $ftp_site, $ftp_usr and $ftp_pwd should be the same as when you FTP (upload) files to your site. Quote Link to comment Share on other sites More sharing options...
Guest Posted September 30, 2010 Share Posted September 30, 2010 (edited) Hi My website has been hacked and I have found a number of infected files thanks to VTS. I do have an issue though. I am not able to load my website using on Internet Explorer browser, my Kaspersky virus check comes up with a 'Access Denied' message and indicates my website is infected by HEUR:Trojan.Script.Iframer On Chrome and Firefox there is no message and the website loads OK I have read about false positives when using Kaspersky. Is there any guidance you can give me on how to proceed. Many thanks. Edited September 30, 2010 by benjaming Quote Link to comment Share on other sites More sharing options...
Guest Posted September 30, 2010 Share Posted September 30, 2010 My website has been hacked and I have found a number of infected files thanks to VTS. I do have an issue though. I am not able to load my website using on Internet Explorer browser, my Kaspersky virus check comes up with a 'Access Denied' message and indicates my website is infected by HEUR:Trojan.Script.Iframer On Chrome and Firefox there is no message and the website loads OK I have read about false positives when using Kaspersky. Is there any guidance you can give me on how to proceed. Do you have a link to your site I could try? You could replace all infected files with safe ones, but: The best way is to clean your site and then upload it from a safe backup. Read the How to secure your site to be sure you have done what's needed to have a secure site.. Quote Link to comment Share on other sites More sharing options...
suwandana Posted October 1, 2010 Share Posted October 1, 2010 Hello Sijo, I've instaled VTS on my website since I got flaged by Google, i installed it successfully. I found many files infected so After I cleaned it up and reload my back up files to server. I have re-installed VTS again. But when I run OcVTS here is the message: Loaded 281 virus definitions Loaded 22 files definitions Scan Completed osCommerce Virus & Threat Scan v1.0.8 Scan root: /shop Threats Definitions: 281 Files Definitions: 22 Scanned folders: 1 Scanned files: 0 Possible Infected files: 0 Possible Threat files: 0 Whitespace found: 0 Scanning folder /shop ... Then After I run OcVTSa , I got this: osCommerce VTSa v1.0.8 Directory depth set to 100 Directory root: /shop Warning: opendir(/shop) [function.opendir]: failed to open dir: No such file or directory in /home/xvzhxrwy/public_html/shop/admin/AV/ocVTSa.php on line 255 Files checked: 0 Files suspected: 0 Files infected: 0 Files cleaned: 0 Clean errors: 0 Clean warnings: 0 What Did I do wrong in Installation process? Quote Link to comment Share on other sites More sharing options...
Guest Posted October 1, 2010 Share Posted October 1, 2010 Warning: opendir(/shop) [function.opendir]: failed to open dir: No such file or directory in /home/xvzhxrwy/public_html/shop/admin/AV/ocVTSa.php on line 255 Files checked: 0 Files suspected: 0 Files infected: 0 Files cleaned: 0 Clean errors: 0 Clean warnings: 0 What Did I do wrong in Installation process? What do you have in config.php for this? : $CONFIG['scanpath'] = Quote Link to comment Share on other sites More sharing options...
suwandana Posted October 1, 2010 Share Posted October 1, 2010 (edited) What do you have in config.php for this? : $CONFIG['scanpath'] = Here What I have: $CONFIG['scanpath'] = $_SERVER['public_html']."/shop"; Should I replace 'public_html' ? My document root is /home/username/public_html/shop/ Is the result from OcVTSa Scan, means everything OK? Please guid me. Edited October 1, 2010 by suwandana Quote Link to comment Share on other sites More sharing options...
suwandana Posted October 1, 2010 Share Posted October 1, 2010 Sorry I mean for the 1st result from OcVTS, is everything OK?? Quote Link to comment Share on other sites More sharing options...
Guest Posted October 1, 2010 Share Posted October 1, 2010 Here What I have: $CONFIG['scanpath'] = $_SERVER['public_html']."/shop"; Should I replace 'public_html' ? My document root is /home/username/public_html/shop/ Is the result from OcVTSa Scan, means everything OK? Please guid me. If you want to scan from /shop then use: $CONFIG['scanpath'] = $_SERVER['DOCUMENT_ROOT']."/shop"; If you want to scan from your site root, then use: $CONFIG['scanpath'] = $_SERVER['DOCUMENT_ROOT']; Quote Link to comment Share on other sites More sharing options...
Guest Posted October 1, 2010 Share Posted October 1, 2010 Sorry I mean for the 1st result from OcVTS, is everything OK?? No, none of them are right, please see my previous message how to configure.. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.