How To Protect The Web Site Created On The Phpizabi Engine

Jul 18, 2007

How to hack a website at phpizabi engine?!

keywords:
?L=, cecen hacked, cecen, hacked, phpizabi hacked, How to hack phpizabi

Hacking mechanism:
1. this is not hacking indeed. This is usage of phpizabi engine imperfection

Usually the path till the admin area looks like this:
?L=admin.general.configure

If changing the path to
?L=admin//general//configure
Then anyone can obtain full access to the admin area and can do everything he wants.

Similarly changing the path till any keyword file on the web site you can freely get the access to the database.

HOW TO CORRECT THIS ERROR:

mechanism:
1. Below I’ll show an example on how to correct the imperfection of phpizabi engine. This is only example and I recommend all the programmers to code by themselves their own mechanism of this error correction. Unque character of this mechanism will be one more obstacle against hacking.

So, in the very beginning of the script index.php we should put the following code:

$ser_p = array("'[^.A-Za-z0-9]*?'si");
$rep_p = array("");
$_GET = preg_replace($ser_p,$rep_p,$_GET);

It cleans everything from the query except “dots”, “letters” and “digits”.

2. All the folders in main directory of the web site which are located under the path /pages/ should not be accessible for opening!
The easiest and fastest way is to set password access for all the folders in /pages/ through «Password Protect Directories» - this is client’s admin area on the hosting. You should set password to all except “chat” and “gallery”.

3. File upload:

By default any file can be uploaded for scripts phpizabi for dating web sites. They could be uploaded like a picture for gallery or attached file for other web site elements.
Specially created *.php file which will be loaded at the server, can give full access to hacker and finally to walk away it from you!

I do not enclose the correction code of this error as you should restrict file uploading on the server by the class objects jpg/jpeg, gif and png.

View 0 Replies


ADVERTISEMENT

Tool To Protect My Web Site, Help Please

Sep 21, 2007

I am having a lot of trouble with spammers and hackers. I am currently hosting my site on a windows server.

[FONT='Calibri','sans-serif']What is the best tool that I can use to protect my web-site? The tool should be easy to use and require no JAVA or Pearl and other programming languages as I am not familiar with them.

View 12 Replies View Related

How To Password Protect Web Pages, I Can Protect Directories But Can't Put Pages In

Mar 4, 2007

i did make a big message on here but it deleted when i back spaced

my website is aviation cafe dot net / sample and i need you to help me with password protecting a webpage, i wanted the address to be / the silver sword and definitly not to look like it does now.

username: webforum
pass: password

View 4 Replies View Related

3D Engine On A VPS

Jun 25, 2007

I am currently running a web site that does benchmark tests. The thing is the graphs could definitely be more visually appealing than what they are now. I am good at programming with Alias Maya, so I could definitely automated 3D Image generation for the charts.

I would think, just jump right to the dedicated Windows server... but is that really necessary? If the VPS was just used for this one purpose, and nothing else. It would only need say 1GHZ of processing power, and maybe 512MB of RAM. Granted it would be slower, but it would still do what I need it to do.

Is this possible on a Windows VPS? I would think it could be... but you guys might no better.

I really don't want to throw down 200 a month for this just yet, 50-80 a month wouldn't hurt as much though.

View 6 Replies View Related

Google App Engine As CDN?

Jul 19, 2008

I have a site with heavy use of large and small images. The site gets majority of traffic from US and Asia. Using a CDN for JS, CSS, site images and user uploaded images will help the site a lot to speed up.

One of the cheaper options is Cachefly which I was considering, until I found an article about using Google's App Engine as CDN. http://www.google.com/search?q=google+app+engine+cdn

I think it is very inexpensive way to put your content on a CDN. Has anyone tried App Engine as a CDN? Does anyone know if they serve content from local servers in Asia, Europe or is the content served from US?

View 14 Replies View Related

Google APp Engine App Spot

Mar 14, 2009

Is google app engine good for hosting web applications?

View 3 Replies View Related

1 Domain, Different Nameservers Engine (ip)

Jul 16, 2009

i have nameservers in my domain (let's say [url]n [url] that registered for my first vps, i want to make 2 more nameservers from my domain for my second vps [url]n[url]so i have 1 domain with 4 nameservers in 2 vps (2 ns in each vps), it would be like this.

[url]= vps1
[url]= vps1
[url]= vps2
[url]= vps2

ns1 n ns2 is working (can connect to the first vps), but ns3 n ns4 isn't work (cannot connect to the second vps), in different way i tried to make ns3 n ns4 for the second vps with different domain and it's work, it would be like this.

[url]= vps1
[url]= vps1
[url]= vps2
[url]= vps2

so, i wanna ask can i use 4 nameservers in 1 domain for 2 vps? i mean use one domain for more that one ip (different engine)

View 5 Replies View Related

Social Engine Script

Apr 27, 2008

how I could get rid of the "newest members" "last logged in" and "most popular members" on the home page of my social engine script.. Just curious on how to get rid of them.

View 3 Replies View Related

How Many Resources For A Search Engine

Jan 8, 2007

I am thinking about creating my own search engine and I was wondering what some basic server hardware would be required to do this (e.g., RAM, hard drives, memory, storage space). Would I have to run a minimum of 1TB on storage and 4 to 6GB of ram to do it right?

View 6 Replies View Related

Bizarre Error 28 From Storage Engine

Oct 30, 2009

I am getting error28 from storage engine with every application using mysql. The issue started a few weeks ago so i thought emptying /tmp folder would solve the issue but it didn't . Problem seems to disappear when i reboot the server but problem comes back again after a few hours . I even got tmp partition deleted and recreated

I enclosed some info from server below

root@latte [~]# stat /tmp
File: `/tmp'
Size: 81920 Blocks: 162 IO Block: 4096 directory
Device: 700h/1792d Inode: 2 Links: 4
Access: (1777/drwxrwxrwt) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2009-10-28 22:39:38.000000000 +0000
Modify: 2009-10-28 22:39:35.000000000 +0000
Change: 2009-10-28 22:39:35.000000000 +0000

root@latte [~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 143G 42G 94G 31% /
tmpfs 502M 0 502M 0% /dev/shm
/usr/tmpDSK 485M 12M 449M 3% /tmp

root@latte [~]# du -hsx /tmp
1.2M /tmp

root@latte [~]# mysqladmin variables | grep -i "log_error"
| log_error | |

root@latte [~]# find /var/lib/mysql -iname "*.err"
/var/lib/mysql/latte.quicklyweb.net.err

less /var/lib/mysql/latte.quicklyweb.net.err
091028 2:13:57 [ERROR] /usr/sbin/mysqld: Disk is full writing '/tmp/STH2JAx1' (Errcode: 28). Waiting for someone to free space... (Expect u
p to 60 secs delay for server to continue after freeing disk space)
091028 2:13:57 [ERROR] /usr/sbin/mysqld: Retry in 60 secs. Message reprinted in 600 secs
091028 2:23:57 [ERROR] /usr/sbin/mysqld: Retry in 60 secs. Message reprinted in 600 secs ....

View 2 Replies View Related

Low Cost VPS Engine Required - Hypervm Or Other

Jun 13, 2008

I require a VPS system for my main dedicated (Softlayer, 4GB ram - to become 8gb ram after implementation, Dual Xeon 4 CPU).

I need to decide whether to use HyperVM (Lxlabs) or some other sort of system (Not Viruozzo had a bad experience with them a few months ago). I want something good and easy setup and efficient. I don't require EYE-CANDY.

I need to know what you recommend and what is easy to setup. I could also pay a third party organization for setting it up (if they have the knack for it and experience).

I would like to know everyone's experience (hosts and users) on what they like or prefer (except Virtuozzo/Parallel which I wont even consider anymore).

Also my main server has CPanel with around 100 web sites already on. Can I install hypervm or such on the existing server or do I need a fresh server for the same. The VPS accounts based on hypervm or such will end up having cpanel vps licensing anyhow since I am pro-CPanel (anti Parallel) (No plesk)

View 2 Replies View Related

Redirect Cached Search Engine To New Dir

Aug 7, 2008

I recently reorganized my music site, putting my songs in their own directory (off of public_html), and now a couple of search engines are generating a boatload of 404 errors.

Can I redirect the file requests to the new location and, if so, how?

View 3 Replies View Related

Isapi Rewrite For Expression Engine

Oct 3, 2008

have to say the EE forums have been a help to some extent.

I'm trying to rid my Expression Engine site of the index.php? part in my URLs using ISAPI REWRITE on IIS.

I've got [ISAPI_Rewrite]
RewriteRule (/(?:site|member|search|Pd{1,8}).*) /index.php?$1 [I,L]

which removes the index.php but not the? part.

View 2 Replies View Related

Install Zend Engine V2.0.4-dev On CPanel Box.

Mar 15, 2007

Actually i have PHP 4.4.5 + Zend Engine v1.3.0.

One of my customers needs Zend Engine v2.0.4-dev installed.. this is a RHES 4 + cPanel box..

Does anyone know how to install/upgrade Zend Engine v2.0.4-dev?

May this change cause some problems with PHP Scripts?

View 4 Replies View Related

How Does Google App Engine Compare To Web Hosting Plans?

Apr 2, 2009

Google App Engine offers free quotas of 1 GB outbound traffic per day and 6.5 CPU-hours (based on a 1.2 GHz Intel x86 processor) per day.

How do those free quotas compare to web hosting plans? For example, the traffic supported by the free quotas -- is that
generally higher or less than the traffic supported by a typical $5/mo shared hosting account?

Above the free quotas, Google charges $0.12 per GB outgoing traffic, $0.10 per GB incoming traffic, $0.10 per CPU-hour, $0.15 per GB storage per month.

How do those numbers translate to normal web hosting plans? For example, the traffic that can be supported by a $40/mo VPS plan and $200/mo dedicated server plan, what would they cost on Google App Engine?

I know it depends on a lot of factors, but if anyone has any ballpark estimates or experiences they're willing to share I'd really appreciate it.

I'm trying to decide between App Engine and standard web hosting for a DB-backed Python site. The site will start small, but if the traffic grows I want to see which would be a better option long term.

View 5 Replies View Related

Dedicated Server To Host A Mp3 Search Engine

Oct 25, 2009

i have a mp3 search engine website, i dont host any mp3 file, and i want buy a dedicated from france, but the seller of yourwebhoster.eu say its no allowed the mp3 search engine, where i can host that?

View 8 Replies View Related

Web Hosting And Search Engine Advertisement In One Plan

Dec 10, 2007

Is there any sites which provide web hosting and search engine advertisement in one plan?

View 4 Replies View Related

Search Engine-friendly URLs On Server API: CGI

Sep 27, 2007

One of the sites I have, is placed on a non-Apache server (the others are). Phpinfo() gives this:
Server API CGI

I'd like to make search engine-friendly URLs for all my sites. All of them will do fine with mod_rewrite, but that's not possible on this server, it seems. Anybody here knows how I can do this for this particular server?

View 1 Replies View Related

Plesk 12.x / Linux :: Possible To Install And Run On Google App Engine?

Aug 27, 2014

Is it possible to install and run Plesk on Google App Engine? If so, could you point me to some appropriate documentation? If not, what about Google Compute Engine?

View 1 Replies View Related

What Kind Of A Hosting For A Fast Torrent Search Engine

Jul 26, 2008

I want to host a torrent search engine (not a torrent site with actual torrents hosted, only a search engine).

It has to be really fast. I have a few questions?

What hosting is required for this site to be lightning fast? Most of it is due to the coding of the site but how much of it is reliant of the server? Any suggestions?

Also, is it better to start small and upgrade as more visitors come? Or is it just better to get a big server?

View 0 Replies View Related

Will Canadian IP Adress Affect Search Engine Rankings

May 10, 2008

I am considering a server from Iweb wich is based in Canada.

My question is about search engines especially google. My site will be targeting US visitors and I am in the US. When google and other search engines see that my IP address is in Canada will it have any affect on search engine ranking for the regular us google.com? I don't care much about rankings on google.ca since my visitors will mainly be in the USA. anybody have any insite on this? I also want to mention my domain name will be a .com domain

View 2 Replies View Related

Plesk 12.x / Linux :: 1030 Got Error 28 From Storage Engine

Mar 29, 2015

when I go to open plesk the browser give me this:

ERROR: Zend_Db_Statement_Exception: SQLSTATE[HY000]: General error: 1030 Got error 28 from storage engine (Pdo.php:234)

View 1 Replies View Related

How To Protect Port 80

Nov 2, 2007

someone attacking my VPS via port 80, which firewall u advice me to use on windows 2003 WEB edition ?

Or anyone have smillar experiance and can tell me what to do? Btw my hosting company is LeaseWeb.

View 5 Replies View Related

How Do I Protect My Website

Jun 29, 2009

This is probably a pretty complicated answer so please forgive me as I'm a newbie to making my own ecommerce website.

What steps are needed to protect/prevent one's site from being hacked? I have domain privacy (on WhoIs) but I feel this isn't enough.

View 4 Replies View Related

Way To Protect URLS

May 23, 2009

Are there any scripts out there that can protect URLs? For an example I am trying to protect a megaupload.com URL with a masking URL and making sure that the masking URL is only access by a referral site. Can this be done?

View 1 Replies View Related

Protect Directory

May 22, 2007

i have another question is their a way to protect a directory without using .htaccess because i dont have modrewrite installed on my apache server.

View 4 Replies View Related

How To Protect Website

Feb 20, 2007

Last days my site was hacked to the main page has been added the "iframe" tag with path to the virus loading. I don't know how somebody could edit the original page and insert this code to the html body. This time I have updated this page from archive but I would be glad to know how to protect my site in future. Could somebody advice me fast and effective methods?

View 7 Replies View Related

How To Protect Cpanel And Whm

Dec 28, 2007

what is the best way to protect whm and cpanel from unwanted login?

If i change the port they still can sniff, is there away to put another layer to protect it or assigned specific ip to be able to login ? I'm on a dedicate server and only hosting for 1 site so there no customer that i should worry about.

can i change /whm and /cpanel to something else just to hide it form novice users.

View 14 Replies View Related

Group And User Xfs Created

Dec 18, 2008

After some yum updates last night one user and group called xfs were created on my dedicated server. Does anyone know what this group/user is used for?

View 0 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved