  1. #1
    Star Lounger
    Join Date
    Dec 2009
    Posts
    78
    Thanks
    4
    Thanked 0 Times in 0 Posts

    PHP / OSCommerce

    Hi all - first up, I am not a programmer.

    Secondly this setup is one I support pro-bono on the network / server / pc / comms / OS side of things.

    Anyway, they have a website using OSCommerce and recently it's started displaying:

    LOLOLOLOLOLOLOL
    Warning: require(includes/header.php) [function.require]: failed to open stream: No such file or directory in /home/vcc1/public_html/index.php on line 47
    Fatal error: require() [function.require]: Failed opening required 'includes/header.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/vcc1/public_html/index.php on line 47
    The "fix" for want of a better word is to replace the now missing header.php in /includes and set permissions on configure.php back to 444

    Beyond that I have no clue. This seems to occur daily between 09:00 and 10:00 GMT

    Suggestions as to a permanent fix gratefully taken? And yes I've asked in the OSC forums but prior experience doesn't lead me to believe the replies will be overly helpful to this PHP numpty.

  2. #2
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    Why is the file being deleted every day? Have you talked to your host?

  3. #3
    Star Lounger
    Quote Originally Posted by ruirib View Post
    Why is the file being deleted every day? Have you talked to your host?
    That's my question

    And yes, but their answer is "we don't support any software".

  4. #4
    Administrator
    I don't know what to answer, honestly. They won't explain how a file is being regularly deleted? It's not about software support, it's about helping with file deletion. Is there a regular scheduled task that would delete the file? Maybe someone is actually deleting it? Anyone else with FTP access?

  5. #5
    Star Lounger
    Quote Originally Posted by ruirib View Post
    I don't know what to answer, honestly. They won't explain how a file is being regularly deleted? It's not about software support, it's about helping with file deletion. Is there a regular scheduled task that would delete the file? Maybe someone is actually deleting it? Anyone else with FTP access?
    Maybe I'm not following you or you me.

    From my perspective it is the OSCommerce software that is getting a file deleted and not the base OS on the server running a job. Nobody else has ftp access and if they guessed the password then I'm gobsmacked as it's an 18 character multi-character / number / punctuation thingy.

    And I can see it from their perspective - the file is part of a software package they don't support or install. They have no jobs running and certainly not one that started a week ago and inserts LOLOLOLOL as the website.

  6. #6
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Does the software update itself? That still shouldn't affect user content...

    Are the file permissions as limited as possible on header.php and the includes directory?

  7. #7
    Administrator
    I have never heard of a software that deleted one of its files, especially a needed header file, but then I have never used OSCommerce. If there are automatic updates, does the software keep a log?

    I find it very odd that web app updates are applied without the user's explicit permission.

  8. #8
    Star Lounger
    OK - I realise I didn't explicitly say at the start but gut feeling is the site has been compromised due to a PHP weakness or some other kind of issue. It is this that I suspect may be behind their woes - but and I stress, that it is purely my guess.

    But it also sort of makes sense.

    Secondly I am as much in the dark as anyone and thus my questions.

    Apologies for confusion but ....

  9. #9
    Administrator
    A quick Google search kinda convinced me there are no automatic updates for the software, which makes total sense, since a website will be available at any time day or night, so taking it offline to upgrade the software must be decided by the site admin.

    That said, it seems there have been recent security issues with the OSCommerce software, that will require patching or updating. Maybe you want to read about that.

  10. #10
    Star Lounger
    I've patched and added 'contribs' to stop this until I'm turning blue. However I shall go have another dig.... did you have a specific URL you could point me at?

    So, 08:45 site was up and now at 09:25 it's gone down with initial screen looking as listed in my first message. Only file missing is the aforementioned header.php and configure.php permissions changed.

    Colour me confused - I shall ask the hoster again but ...!

  11. #11
    Administrator
    This seems to be from their support forum: http://forums.oscommerce.com/topic/3...ate-22-to-231/

    Talks about security issues and the absence of an automatic upgrade to the (by then) latest version.

  12. #12
    Star Lounger
    Quote Originally Posted by ruirib View Post
    This seems to be from their support forum: http://forums.oscommerce.com/topic/3...ate-22-to-231/

    Talks about security issues and the absence of an automatic upgrade to the (by then) latest version.
    OK thanks for that. My life is being spent in that forum at present but the "stock" or pat answers most give out really don't help or encourage those of us that use these GNU products to want to carry on using them

    Stuff like ... "the best way is a.b.c" when they assume we all spend our lives buried in this product.

  13. #13
    Administrator
    I'm with you there and the situation, unfortunately, applies to most open source stuff. Everything is ok, until you have a problem or you need something other than what can be found in a readme file. Then you will pay dearly in time and patience for "your" free product. I feel all those situations provide backing to the statement that nothing is free, even if some stuff may not require you to actually spend money on it.

    I am sorry I can't be of much help on this specific issue, never used OSCommerce. Been there, though, with other php based stuff.

  14. #14
    Star Lounger
    RIGHT- success I think but in reality only time will tell.

    After "wasting" a lot of my time; asking questions here and elsewhere; reading between the lines and asking yet another question of the hoster (worded ever so slightly differently) I got the following reply:

    We are scanning for any malware files (exploits, PHP shells etc) all accounts and the header.php file gets quarantined, I've added the path to the file to be ignored so you'll be fine.

    Also new permissions are applied due to exploits that include attacker symlinking config files from various scripts as .txt files to gain access, this is a server wide issue where all accounts on the server can be affected. With the new security measures and permissions for the files on the server if it does come to this, attacker wouldn't be able to access the symlinked .txt files as he doesn't have permission to read them. These kinds of exploits on user accounts are rare however they occur if a single user account gets exploited, being an outdated Wordpress installation (for example) which can be exploited to upload a PHP shell script from which the symlink script can be uploaded and executed.

    I hope this clears up a bit the issue with the scripts, all changes made are for the benefit of our clients to have them run in the most secure environment possible.
    So, despite asking right at the start, which they denied and blamed on the software (in this case OSCommerce) it would appear that they have once again implemented new process / procedure that they haven't bothered to tell us the paying client about.

    It's one of the reasons I moved my personal account away from them and when this one is up for renewal I will strongly suggest they do likewise.

    My reply was a very polite "tearing of a new one" for them where I finished off by saying that 'security by obscurity is a maxim and not something to aim for'.

    Time will tell, but methinks it is resolved.

    Thank you all in this thread for your replies. They helped keep me sane if nothing else.
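
The host's reply quoted above describes config files being symlinked as .txt files and permissions being changed server-side. As an added example (not code from this thread or from the host), the Python audit below lists symlinks in a web root that resolve outside it and reports a configure.php whose mode differs from the 444 the first post restores; the function names and the sample tree are constructed for illustration.

```python
import os
import stat
import tempfile

def audit_docroot(docroot, config_names=("configure.php",), expected_mode=0o444):
    """Return (kind, path, detail) findings for one account's web root."""
    root = os.path.realpath(docroot)
    findings = []
    # followlinks=False: report links, never walk through them
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat inspects the link itself
            if stat.S_ISLNK(st.st_mode):
                target = os.path.realpath(path)
                # A link leaving this tree is the pattern the host describes:
                # another account's config file exposed here as a .txt
                if os.path.commonpath([root, target]) != root:
                    findings.append(("symlink-escape", path, target))
                continue
            if name in config_names and stat.S_ISREG(st.st_mode):
                mode = stat.S_IMODE(st.st_mode)
                if mode != expected_mode:  # drift from the baseline (444 here)
                    findings.append(("config-mode", path, oct(mode)))
    return findings

def demo():
    """Build a constructed tree with one of each problem and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        other = os.path.join(tmp, "otheracct")            # constructed neighbour
        doc = os.path.join(tmp, "site", "public_html")    # constructed web root
        os.makedirs(other)
        os.makedirs(os.path.join(doc, "includes"))
        secret = os.path.join(other, "configure.php")
        cfg = os.path.join(doc, "includes", "configure.php")
        for p in (secret, cfg):
            with open(p, "w") as fh:
                fh.write("<?php // constructed sample\n")
        os.chmod(cfg, 0o644)                               # writable: not 444
        os.symlink(secret, os.path.join(doc, "cfg.txt"))   # link leaving the root
        base = os.path.realpath(doc)
        return sorted((kind, os.path.relpath(path, base))
                      for kind, path, _ in audit_docroot(doc))

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

Run on a schedule against the real web root, the same function would show when a permission change or a new link appears, which is the information the poster had to extract from the host.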

  15. #15
    Administrator
    Unhelpful, ignorant hosts must be one of the internet age plagues. It is unbelievable that they would start doing that without saying something to their customers.

    Anyway, I am glad you got it sorted.
