I checked my host server DNS, reported said "my domain name is missing DNS or it not listed in the server parrent" that I can use[url]to open the site but not [url]
my site created as a root account (Cpanel reseller)
I have not login to the Cpanel WHM (Cpanel web hosting manager) for long time, so I don't remember the password to login and I can't setup, create the dns for it.
I couldn't cotact the HOST for support, too - so I'm total lost.
Is there a way to solve this problem?
Like a way to create the dns without login to WHM, ways to get the lost password,.....?
I have a problem with my server. I am trying to make a subdomain, and it isn't working. I create it like how in all tutorials says here( click here ) . I completed all fields, but when i try to open the subdomain in a browser page, it's telling me, page not found / page doesn't exist. I have a dedicated server on window server 2008 for my website with a dedicated IP.
Im facing problem from last 48 hours when i try to access my site
www.yourdomain.com/forum
then it showing me error Page not found Not Found
The requested URL /forum was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
and when i checked this forum folder through shell and cpanel then its there and when i try to access it through [url] then its working fine does any of you know whats the problem was plz help me my site was already closed from 48 hours God Bless you
i am running a nph-proxy.cgi (aka CGI-proxy) script. there is "HTTP/1.1 200 OK Date: Fri, 06 Nov 2009 00:35:42 GMT Server: Apache Content-Length: 0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/plain"
below every css, js, html file loaded...no where in .cgi script is such output specified!
how to resolve ? i already turned off ServerSignatures, and set it to Production in apache2.conf.
Upgrade from 11.5 reported it had completed but when I log in, I get the grey bar on the left with various options - Hosting Services, Tools & Settings etc. (only Profile & Preferences works) and a main white screen with the words 'File Not Found' in large font black lettering.
As I read, when Plesk and WHMCS are in the same server, you may have 502 bad gateway errors when creating an account through WHMCS..Page not Found/Timeout/502 Bad Gateway error creating accounts with Plesk 10+..By default Plesk 10 and above performs a forced restart of apache when an account is created or suspended which causes WHMCS to lose connection to the server, and if your WHMCS is on the same server, you will also lose connection to WHMCS at the same time.
In order to resolve this please refer to the following knowledgebase article for instructions on configuring Plesk to perform a graceful restart instead: URL..
But when I activate nginx in Plesk the 502 bad Gateway problem comes back.Is there an option to activate Nginx graceful restart in Plesk?
Right now my stats system only shows from what website traffic is coming. I have google analytics aswell, and with all its functions, it does not tell me from exactly what webpage traffic is coming, and to what webpage the traffic is coming to.
So, let say someone is sending me traffic from www.reffererxxx.com/cool_video.html to www.mysite.com/super_cool_video.html
My statistics would only show that www.reffererxxx.com is sending traffic to www.mysite.com
Is there a way(a script/service/program) to find out exactly from what webpage the traffic is coming, and to what webpage of mine the traffic is going to? (I do not have server logs / webalizer / awstats as my server cannot handle the log processing due to high server loads)
We were tasked with helping a website owner find all the malscripts on his site and remove them. He, like many, learned that his site was delivering malicious code with an email from Google.
This website owner had tried removing the code himself and yet his site was still blacklisted by Google. This was killing his sales as anyone visiting with Firefox as their browser, or Chrome, were greeted with a big warning:
This site may harm your computer.
After about a week of trying to rectify the problem himself, he contacted us.
He provided us FTP access to his site so we could tackle it.
After downloading his site (which literally took 3 hours) we started scanning. We grep'd for the word "base64_decode" and found over 228 php files all with the following malscript (spaces added to protect the innocent):
For the first time after running a server for about a year I decided to buy a new server and in it I found out that there is a some sort of infection in it. What should I do next. The logs are attached in a n attachment.
I cant visit my website! <snipped> everytime I go it says server not found. So I told some friends to go and they are able to see and visit <snipped> How is that possible?? They could and I cant? Yesterday same thing but then couple hours later it worked I could visit hmlegends.com but i didnt do anything and now today same thing server not found! i cleaned my history everything and still server not found!
So what I did is used a proxy <snipped> and then it worked!
But then I dont use a proxy SERVER NOT FOUND! Its like my IP cant reach hmlegends.com
I dont know how to solve this?!?? It just says server not found!
But it looks like everyone else could access it!
Anyways im using Firefox 2 but then maybe i thought it was my browser so switched to 3 so currently on firefox 3 and no its not its something with my IP cuz when i use proxy i could go to my site
but point is i dont wanna use proxy i wanna use my IP to go to hmlegends.com
I have recently brought a VPS hosting package. At the moment I am going through the tutoritals on the net that I have researched before getting a VPS package to give me some understanding on what I need to do to securior the server and also how to install the software that I require.
For most of today, I have been trying to sort out a problem that I am currently having.
Of which is I am trying to sort out a part of the tutorial from a website that requires the use of apt commands.
But for every command I am getting the message back apt..... Command not found. I am currently using the ubuntu operating system. And through some research, I have got the feeling that I might have the bare installation done on my server to just make it work.
Would I be right, and with the bare installation apt commands wouldn't be installed?
If I am, how would I go about installing the Apt commands and anything else that I might require?
<Directory "/usr/local/apache/cgi-bin"> AllowOverride None Options None Order allow,deny Allow from all
</Directory>
And the error logs say..
[Sun Jan 20 18:09:56 2008] [error] [client xx.xx.xx.xx] File does not exist: /home/goewowc/public_html/404.shtml [Sun Jan 20 18:09:56 2008] [error] [client xx.xx.xx.xx] script not found or unable to stat: /usr/local/apache/cgi-bin/first.txt
The CGI-bin directory is chmodded correctly, the files are also chmodded and belong to the correct group
After going back and forth with the folks that are supposed to be managing my server they finally checked and found an irc bot. Here is their message:
I have found a irc bot running on your server. The binaries are located at /var/lib/texmf/.dat/. You can see the tar file which the hacker uploaded at /var/lib/texmf/. I have changed the permissions to 000 so that you can verify the files.
The user of the files are nobody. Hence it is clear that the files were uploaded via url injection using some vulnerable script under some domain. Unfortunately there are no helpful logs to find the exact domains and the vulnerable script. It is certain that the files were first uploaded to /tmp and then moved from there. You can see some similar hack files at /tmp/.dat, /tmp/var and /tmp/.dev12. Also the permission of /var/lib/texmf/ was 777.
You should update all your web softwares to latest version so that they will include latest security patches. Also I will recommend you to enable mod_security in your server to prevent further hacks.
Our Security Technician found yesterday a 200 user botnet on a hidden IRC server and was able to quickly email the compromised systems information (just hostname) to our abuse email. So today i spent the last 2 hours sending emails off to web hosting companies, educational institutions and corporate companies telling them that their systems have been compromised, we regulary email out systems we have found compromised. The thing that stuns me is that most of the systems we found compromised on IRC are dedicated lines between 10MBPS to 1GBPS... I found a few hosting companies and will list them so they can be found by them:
lvps212-241-192-85.vps.webfusion.co.uk wp056.webpack.hosteurope.de wp097.webpack.hosteurope.de wp049.webpack.hosteurope.de wp055.webpack.hosteurope.de m2.wrango.com - Dedicated Server with NetworkSolutions server1.hostfree.com.br
I just found a script on a customers account after some problems they were having, they mentioned injecting php code, that immediately threw up a red flag, when i took a look i found c99.php
I checked up and this seems to be the web equivalent of a rootkit.
Are there any legitimate reasons for this script? The customer is one of the strangest i've came accross because he had the lowest fraud score yet, used a Lady's name at signup/payment, yet calls himself Michael and seemed to do something with WHMcs security wise.. i dont want to post details as checks are still ongoing but it seems to be a problem with Language scripts and the customer was able to sign up on a monthly plan but Biannually... so no more invoices till 2009 ... strange, although wether innocently this was done or is a known security hole in WHMCS is not known yet.
after a day of crappy performance from one of my VPS accounts, I decided to start digging, and found eggdrop, and couple of other not so nice files in my /tmp directory.
I panicked, of course, and removed all traces of anything I could find that was bad, so I've unfortunately got no way to see how it happened, as far as I know (but I'm far from a security expert)
I need your help in shutting the system down to users. This is an HTTP/SSH/SMTP/POP3/IMAP server.
Tell me what you need to know and I will do my best to get it to you. Basically I'm just frustrated that I've been on it for 3 hours now.....wasting time because some SOB was bored....
I'll try to make this long story short, but this morning I logged into one of my servers and it showed a read-only filesystem, which I thought my server guys could fix easily. So I put in a ticket. 6 hours later, they tell me that they think the OS is corrupted and I need a new install. They give me KVM over IP so I can go in and 'do' things. I tried to log in as root and it wouldn't let me, so they finally booted in single mode and I can get in and such. When I try to su - root, it tells me that user root can't be found. I also tried to ftp into and out of the server with no luck. I really need this box back up. If not, I need to get all the accounts saved off so that I can build a new box. Everything is there, so I don't want to give up yet.
When I was a customer at hostgator, whenever a terminating error within php was displayed it would log in the parent directory in a file called "error_log".
I want this to happen now on our dedicated server. I've looked at my local apache error log and it doesn't appear to show the same info as hostgator's setup showed.