Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™
Author Message
XenoMorpH
Hangin' Around


Joined: Jan 23, 2004
Posts: 37
Location: Netherlands

PostPosted: Sat Mar 25, 2006 2:42 pm Reply with quote

Hi there.
Today my site got "hacked". Nothing special you would say....But this is very unusual. My site is protected using the latest nukesentinel, and .htaccess/.staccess activated and all worked fine. No1 could enter anything. But today there was some1 online multiple times (about 30 times), that was very suspicious, and then a couple of seconds later site went offline, getting bad request CGI 500 internal server error. It seemed to be that ip used a script/programme to hack cgi files, or sumfn.
No when I delete the .htaccess, then the site works fine, but when activating a .htacces file (even a blank 1 ) will give the very same error:

The server encountered an internal error and was unable to complete your
request. Either the server is overloaded or there was an error in a CGI script.

Is it possible sumfn was changed in the server config?
 
View user's profile Send private message Visit poster's website
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Sat Mar 25, 2006 6:39 pm Reply with quote

An internal error, possibly related to the htaccess file, doesn't necessarily indicate that your site was hacked. It could be that the server config was changed, as you suggested.

What the htaccess modified? What are its contents? Are there other new or changed files (e.g. CGI)? Did you check with the web host to see if anything was changed or is not working properly?

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
XenoMorpH
PostPosted: Sun Mar 26, 2006 4:54 am Reply with quote

There was nothing changed in the config of the server by the webhost. I actually had to call him to solve this issue. Nothing has changed in the .htaccess files. I simply can not use .htaccess files anymore due to some unknown reason.
 
kguske
PostPosted: Sun Mar 26, 2006 7:25 am Reply with quote

Thanks. Did the webhost explain what he did to solve it or what caused it?
 
XenoMorpH
PostPosted: Sun Mar 26, 2006 9:20 am Reply with quote

At first I could not find the solution, so I called him to find out the reason why the site was showing that error.
Then I got a mail where he told me it was the .htaccess file causing the problem. By deleting the file or just renaming it solved the problem. At first I thought it was the file itself and I uploaded the orriginal backup of the .htaccess file. But now when I put a .htaccess file on the site, I get the 500 error. Even when it's a blank file.
It's sunday, so there is no immideate help on this from my webhost. I think it's a server prob, but I just wanted to know if some1 has had a similar issue, and how to solve this.

I feel less secure now, knowing that .htaccess security is not working properly now.
 
kguske
PostPosted: Sun Mar 26, 2006 10:16 am Reply with quote

htaccess isn't just for security. If the htaccess file has NOTHING in it, then it's definitely a server problem. If it has something in it, that might be the problem.
 
XenoMorpH
PostPosted: Sun Mar 26, 2006 10:59 am Reply with quote

No...that's not what I said...
When I add a .htaccess file on the server, (a blank 1 or 1 with data) I get the 500 error...I checked the file, nothing is added....I'll just wait untill I hear back from my webhost about this issue.

Maybe sumfn changed the server settings...
 
kguske
PostPosted: Sun Mar 26, 2006 11:02 am Reply with quote

Right. If the htaccess file has NOTHING in it, then it's definitely a server problem.
 
XenoMorpH
PostPosted: Sun Mar 26, 2006 3:37 pm Reply with quote

LOL, I think u don't understand....
When upload the .htaccess file which has the correct info for Sentinel, I get the 500, WHen I add a .htaccess file with no info, I get 1 also. So basicly after adding a .htaccess in the first place gives a 500 error.

I just wanted to let u guys know there's a script on the loose which can alter server settings.
 
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6792
Location: Ha Noi, Viet Nam

PostPosted: Sun Mar 26, 2006 4:49 pm Reply with quote

I think we get the picture - anything named .htaccess is causing a problem regardless of whether it is blank (empty) or not. Smile
As kguske mentioned, I think this is a server related problem. Is your host using PHP compiled as a cgi module?
 
View user's profile Send private message Send e-mail
kguske
PostPosted: Sun Mar 26, 2006 8:11 pm Reply with quote

You're right - I did not understand "blank" and "nothing is added" to mean "the correct info for Sentinel".

You said your site got "hacked" and the htaccess file was causing the problem. So basically, something must've changed in your htaccess file or in your server's configuration. What exactly ARE the contents of the htaccess file? What exactly does your phpinfo() report?

If you consider the possibility that someone managed to change the server settings, couldn't the webhost compare that to the default settings? Do you have a local php.ini file in the nuke directory (or above it)?
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©