Krammit
Posted August 1, 2011

Okay, this started off because the admin back-office was loading up with "access denied" on line 19. I worked on that, and now instead of getting Access Denied, I'm getting:

    Server not found
    Firefox can't find the server at www.tacops.catacops.

The URL for the store is tacops.ca, but for some reason it's putting tacops again after the .ca, making an invalid URL. I've looked a number of times in the two files I've worked with, and found nothing that is causing this. Help is much appreciated.

Guest
Posted August 1, 2011

Kenney,

If you are certain the database URL, username and password are correct, I suggest contacting your hosting provider to ensure their server is operational.

Chris

Krammit (Author)
Posted August 1, 2011

I have fixed the issue by restoring an older file, however now I'm back at the Access issue:

    Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'jmtactical_white'@'localhost' (using password: YES) in /home2/jmtactic/public_html/tacops/admin/includes/functions/database.php on line 19
    Unable to connect to database server!

I have checked the configuration files, and there don't appear to be any issues. The catalog is working fine though; this issue is just with the back office.

This issue has just occurred today. There is a vulnerability somewhere in the store, or server, that is permitting injected PHP files to be placed inside the /images/ folder. While backing up some files, the Access denied issue occurred, and has yet to be resolved.

Guest
Posted August 1, 2011

Kenney,

Ok, that changes the scope of work. First and foremost, CLEAN and SECURE your website. Then look into the database connection issue.

Chris

Krammit (Author)
Posted August 1, 2011

That is generally another trouble I'm having. I set up the store for this company, and after it was moved on to their servers, it became a target for this. On a daily basis, there are numerous PHP files injected into the images folder, but nowhere else. Is this a common occurrence with 2.2RCa? (Upgrading to 2.3.1 is not an option currently.)

Guest
Posted August 1, 2011

Kenney,

NOT just the images directory, those are only the files that will be used to SEND out information. If you have anomalous files in your images directory I am willing to bet you also have backdoors in your root and/or includes directory.

This was a security vulnerability that was identified when v2.2 RC2a was released. A good developer would have patched the installation immediately upon configuration.

Chris

satish
Posted August 2, 2011

> That is generally another trouble I'm having. I set up the store for this company, and after it was moved on to their servers, it became a target for this. On a daily basis, there are numerous PHP files injected into the images folder, but nowhere else. Is this a common occurrence with 2.2RCa? (Upgrading to 2.3.1 is not an option currently.)

htaccess protect this image folder so no PHP or any other code gets executed. Also check if someone placed some backdoor script to easily control and upload files.

Satish

Krammit (Author)
Posted August 2, 2011

Today was another routine check for injected files, however this time there were no injections; there have been zero injections in the past 24 hours. Normally, files are injected every 7 hours or so. Early yesterday a few security features were added and checked into the site, but at the same time was when the

    Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'jmtactical_white'@'localhost' (using password: YES) in /home2/jmtactic/public_html/tacops/admin/includes/functions/database.php on line 19
    Unable to connect to database server!

appeared. So at this time, I'm unsure if the security features are what plugged the holes, or if knocking down the back office is what plugged them. I will be waiting until late this evening to check again for injections. However I now need to fix the Access issue posted above, so what steps should I be taking to fix this?

Guest
Posted August 2, 2011

Kenney,

The error appears ONLY when the database information located in the configure.php file is incorrect. You may want to look at the /local directory as well. Any configure.php files in that directory would override the configure.php found in the /includes directory.

Chris

Krammit (Author)
Posted August 2, 2011

Chris,

The file /cataloge/includes/configure.php is still 444; this file was never overwritten with the rest, so it's still holding all of its original information. However the file /cataloge/admin/includes/configure.php was overwritten, which would reinforce the fact that its information is no longer valid, as it's probably defaulted.

Would the information in these two files be the same? Or is there a more solid way of writing in the proper information in the /cataloge/admin/includes/configure.php file?

Guest
Posted August 2, 2011

Kenney,

The database information on the lower part of that file should be the same for both the /catalog/includes/ and the catalog/admin/includes/ configure.php files. That information has to be identical to the database access information found in your hosting control panel.

Chris

Krammit (Author)
Posted August 2, 2011

Chris,

Thanks, there was a typo in the info, and the dir_ws_admin directory was misdirected; they have since been resolved and it appears to be working once again.
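
The check described in the posts above (the database settings in the catalog and admin configure.php files must match) can be automated. The following is an added example, not code from the thread or from osCommerce; the sample file contents and the function names are constructed, and the script reports only which keys differ so that credentials never reach the output.

```python
import re

# define('NAME', 'value'); anchored at line start so commented-out lines are skipped.
DEFINE_RE = re.compile(
    r"""^\s*define\(\s*(['"])(?P<name>\w+)\1\s*,\s*(['"])(?P<value>.*?)\3\s*\)\s*;""",
    re.MULTILINE,
)
DB_KEYS = ("DB_SERVER", "DB_SERVER_USERNAME", "DB_SERVER_PASSWORD", "DB_DATABASE")


def parse_defines(php_source):
    """Map each define()d constant name to its string value."""
    return {m.group("name"): m.group("value") for m in DEFINE_RE.finditer(php_source)}


def compare_db_settings(catalog_src, admin_src):
    """Return {key: 'missing' | 'differs'} for DB settings that do not match."""
    catalog, admin = parse_defines(catalog_src), parse_defines(admin_src)
    problems = {}
    for key in DB_KEYS:
        a, b = catalog.get(key), admin.get(key)
        if a is None or b is None:
            problems[key] = "missing"
        elif a != b:
            problems[key] = "differs"  # the values themselves are never reported
    return problems


# Constructed sample content; every value is a placeholder.
CATALOG_SAMPLE = """<?php
  define('DIR_WS_IMAGES', 'images/');
  define('DB_SERVER', 'localhost');
  define('DB_SERVER_USERNAME', 'shop_user');
  define('DB_SERVER_PASSWORD', 'example-password');
  define('DB_DATABASE', 'shop_db');
?>"""
# Same file with a one-character typo in the username.
ADMIN_SAMPLE = CATALOG_SAMPLE.replace("'shop_user'", "'shop_usr'")

if __name__ == "__main__":
    for key, status in compare_db_settings(CATALOG_SAMPLE, ADMIN_SAMPLE).items():
        print(f"{key}: {status}")
```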

Krammit (Author)
Posted August 2, 2011

An hour or so after getting the back office back online, PHP files are being injected into the images folder again. There is no htaccess file in the images folder, so should I be adding one? I was considering adding one that simply has

    <Files *.php>
    Order Deny,Allow
    Deny from all
    </Files>

Is there an htaccess file I should specifically have in my images folder, or anywhere else on the server?
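
The routine check for injected files mentioned in this thread can be scripted. The following is an added example, not code from the thread or from osCommerce: it walks an images directory, flags anything that is not an image type, flags image-named files that contain a PHP open tag or a `.php` double extension, and reports whether an .htaccess file is present. The extension list, the function names and the sample files are assumptions constructed for the demonstration, and the content check is a heuristic.

```python
import os
import tempfile

IMAGE_EXTS = {".gif", ".jpg", ".jpeg", ".png"}  # assumed set of legitimate types


def audit_images_dir(root):
    """Return (findings, has_htaccess) for an images directory."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name == ".htaccess":
                continue
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            ext = os.path.splitext(name)[1].lower()
            if ext not in IMAGE_EXTS:
                findings.append((rel, "not an image type"))
                continue
            with open(path, "rb") as fh:
                data = fh.read().lower()
            if b"<?php" in data:  # heuristic: code hidden behind an image name
                findings.append((rel, "PHP open tag inside image"))
            elif ".php" in name.lower():
                findings.append((rel, "PHP double extension"))
    has_htaccess = os.path.isfile(os.path.join(root, ".htaccess"))
    return sorted(findings), has_htaccess


def make_sample_dir(root):
    """Write constructed sample files; none of them come from the thread."""
    samples = {
        "logo.gif": b"GIF89a\x01\x00\x01\x00",
        "banner.jpg": b"GIF89a<?php echo 1; ?>",
        "cache.php": b"<?php echo 1; ?>",
        "photo.php.jpg": b"\xff\xd8\xff\xe0",
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        make_sample_dir(tmp)
        findings, has_htaccess = audit_images_dir(tmp)
        for rel, reason in findings:
            print(f"{rel}: {reason}")
        print(".htaccess present:", has_htaccess)
```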
This topic is now archived and is closed to further replies.