website software has detected what may be a hacking attempt.

#67418 (In Topic #14372)

Community saint

Hi everyone,

Another v6 bug/issue for me. This time:

Code

The website software has detected what may be a hacking attempt. Please do not be alarmed, and unless you are really trying to hack the website, nobody will question you. Please do not click refresh though or you could be automatically banned. If you got here via a link, please inform the link maintainer of the problem. (version: 6.0, PHP version: 5.2.9, URL: /cms/adminzone/index.php?page=admin_themes&keep_fatalistic=1&type=_edit_image&uploading=1)
I've searched the forums and although this message has been reported before, they don't match my scenario.

In my case I was just trying to edit some theme images (logged in as admin). No matter which image I try and edit (even just changing the title) I get this error.

The corresponding security logs report:

Code

Tried to add a downloaded file that points to a script: so they could get the script contents (e.g. passwords)
Full stack trace and security alert details are attached.
Attachment
» Download: hacker_warning_and_security_log.doc (75 Kb, 126 downloads so far)


I'm just not having much luck :'(

P.S. I don't know why these code boxes are appearing so large.

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
#67419

It sounds like your server can't communicate with itself. Try typing this into OcCLE:

Code

:require_code('files');echo http_download_file(get_base_url().'/themes/default/theme.ini');
It should show the contents of theme.ini but I think you might see it as blank or some kind of HTTP error.

ocPortal ensures typed paths are also valid as non-script-URLs because ocPortal reserves the right to read from the filesystem directly and if it does and they're not normal URLs it could be a security issue (e.g. if doing a theme wizard preview on a theme image that somehow was given a path of info.php without this protection someone could get the database passwords).

ocPortal seems to be failing to run the check because it can't read its own URLs, probably due to something like a firewall configuration.

(I have fixed the codebox styling issue on this site)


Become a fan of ocPortal on Facebook or add me as a friend. Add me on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
#67422

Community saint

Chris Graham said

It sounds like your server can't communicate with itself. Try typing this into OcCLE:

Code

:require_code('files');echo http_download_file(get_base_url().'/themes/default/theme.ini');
It should show the contents of theme.ini but I think you might see it as blank or some kind of HTTP error.
Yep, blank is all I see.

As for:

Code

ocPortal seems to be failing to run the check because it can't read its own URLs, probably due to something like a firewall configuration.
On the money Chris :thumbs:. My site is still under development and I had it behind a password protected directory so that people can't accidentally stumble upon it yet (I have stumbled across one of ocPortal's client staging sites while googling, and wanted to avoid that situation for my site).

I've had no problems with the password protected directory until now. I would occasionally get a password prompt after the initial login, but I would always continue without problem once I entered the password.

I've unprotected the directory and now it all works fine.

And finally:

Code

(I have fixed the codebox styling issue on this site)
Would you mind sharing the code to fix this? I just checked my site and I have the same problem.

Thanks for all your help Chris!

#67423

I've had no problems with the password protected directory until now. I would occasionally get a password prompt after the initial login, but I would always continue without problem once I entered the password.

I've unprotected the directory and now it all works fine.

Ah, didn't think of that. I'm adding a little to our security tutorial. You'll want to unblock 'uploads' too. Or, you can set it to allow your web server's IP address through without authentication.

Would you mind sharing the code to fix this? I just checked my site and I have the same problem.

Code

.comcode_code_scroll {
   height: 300px;
   overflow: auto;
}
to:

Code

.comcode_code_scroll {
   max-height: 300px;
   overflow: auto;
}


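The failure diagnosed in this thread, reproduced as an added example (not ocPortal code and not written by either poster): a constructed local server stands in for the password-protected directory, and the check requests its own URL without credentials, first with no exemptions and then with the server's own IP allowed through. The handler class, credentials and file contents are assumptions made up for the demonstration.

```python
import base64
import http.server
import threading
import urllib.error
import urllib.request

THEME_INI = b"[theme]\ntitle=Default\n"  # constructed stand-in for theme.ini
CREDS = "Basic " + base64.b64encode(b"admin:example").decode()  # constructed

class ProtectedSite(http.server.BaseHTTPRequestHandler):
    """Constructed stand-in for a site inside a password-protected directory."""
    allow_ips = ()  # client IPs let through without credentials

    def do_GET(self):
        authed = self.headers.get("Authorization") == CREDS
        if not authed and self.client_address[0] not in self.allow_ips:
            self.send_response(401)
            self.send_header("WWW-Authenticate", 'Basic realm="staging"')
            self.end_headers()
            return
        self.send_response(200)
        self.end_headers()
        self.wfile.write(THEME_INI)

    def log_message(self, *args):  # keep the demo quiet
        pass

def self_fetch(url):
    """Fetch a URL the way a server-side self-request would: no credentials."""
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    try:
        with opener.open(url, timeout=5) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, b""

def diagnose(allow_ips):
    """Run the self-request against the stand-in site and classify the result."""
    handler = type("Site", (ProtectedSite,), {"allow_ips": tuple(allow_ips)})
    server = http.server.HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        url = "http://127.0.0.1:%d/themes/default/theme.ini" % server.server_port
        status, body = self_fetch(url)
    finally:
        server.shutdown()
        server.server_close()
    if status == 401:
        return "blocked: HTTP authentication answered the self-request"
    return "ok" if body == THEME_INI else "unexpected response"
```

`diagnose([])` models the staging setup from the thread, where the self-request comes back with an empty body; `diagnose(["127.0.0.1"])` models letting the web server's own address through without authentication.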
 
#67427

Community saint

Strange, the style already has it set to max-height: 300px; . The box on my site and ocPortal looks fine in Firefox but not in IE8.

I'm usually in Firefox when browsing and when logged into my site as admin, and in IE when testing the site as guest or other users.

#67428

Is IE in compatibility mode somehow?


#67430

Community saint

Chris Graham said

Is IE in compatibility mode somehow?
Not according to this:
