Guestbook disappeared. ISP says it's hackers.

New Member Joined: Sep 23, 2002 Posts: 5

Hi, my standalone KISGB guestbook (v5.11) has disappeared. I can't access either the guestbook or the admin section. I get a blank white page with no error messages when I try to access them.

I have had a couple of galleries which also went missing for no apparent reason lately, and my ISP said that something they had done required me to change permissions on a couple of files (which fixed the galleries). So I thought it may be some similar problem with the guestbook. But when I contacted my ISP, they said "Looking at the error_log it would appear someone has been trying to hack your guestbook". and advised me to replace it with another guestbook! But I have a soft spot for the guestbook, as Gaylen was so helpful when I was trying to get it integrated into the site, so I would like to keep KISGB if possible.

Is there something I can do to firstly get the guestbook back up without losing all the entries that have accumulated over the years, and secondly stop KISGB from being put out of action by hackers (if that is indeed what happened).

Any help would be greatly appreciated.

Thanks for reading this,
Dave.

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

It has been a long time! Sorry to say that there was a security issue identified a while back and I have fixed it but not released it publicly yet as I have had some major health setbacks the past 2 years that forced me into an early retirement and have kept me from many things. I am not aware of any issue that allows deleting the guest book. Unless your ISP, which is not necessarily your host, can see actual log entries that show the guest book with a delete command, then it's not the guest book code that was hacked.

Just because someone is "trying" to hack an application doesn't mean that you need to replace the application. That is is just plain silly. And even if an application is hacked doesn't mean you have to replace it. You close the hole and go on. I mean, really, major commercial applications are hacked every day and you don't necessarily replace them.

Having said all that, check your kisgb folder and see if your guest book file is still there. If it is then you need to figure out why it isn't working. If it is still there, what happens when you try to access it?

Posted: Mon May 05, 2008 4:57 am

Hi again, sorry to hear to hear about your health problems.

My first post was very poorly worded (some things never change!). KISGB is still physically there, it just shows a white page when I try to access either the guestbook itself or the admin area. And the quote was from a tech guy at my hosting company, not at my ISP (hey, it was late when I wrote it).

Posted: Mon May 05, 2008 9:49 am

It must have been late for him also as his head was certainly not where it's supposed to be Evil or Very Mad

to give that advice killing me

Please PM to me your
site url for access to kisgb
ftp url, id/pass

I should be able to fix it Wink

Posted: Mon May 05, 2008 10:24 pm

The issue has/had NOTHING to do with KISGB! In your .htaccess file you have an error in your RewriteRule statement.

RewriteRule ^.+/([a-z_]+\.php.*)$ $1 [L] is blocking access to the guestbook files. Since I'm not sure what you or your host is attempting to do I have just commented it out. KISGB works just fine w/o it although I made the mistake of assuming KISGB was the issue since your "tech" seemed so sure. 1.5 hours wasted Mad

As I said at the onset, I felt that you tech had his head in the wrong place Wink

Sorry we had to link up after so long a time because of a so called "tech" killing me

Posted: Tue May 06, 2008 3:33 am

Thanks for taking the time to look at it and get it working again for me, and I'm sorry that I was giving you incorrect information. I will have a word with the tech guy from my hosting company about this.

The redirect in .htaccess makes the links in my shop more search engine friendly, and commenting it out gives me blank pages in the shop. Am I going to have to choose between being search engine friendly and keeping the guestbook full of memories (including memories of some who are no longer with us)? I do hope not!

Posted: Tue May 06, 2008 6:03 am

Just wanted you to know that your last post was duplicated and I removed the second duplicate post. It might make an error if one of you had tried to click a link from the "watch" email....

Posted: Tue May 06, 2008 6:33 am

polperro wrote:

Thanks for taking the time to look at it and get it working again for me, and I'm sorry that I was giving you incorrect information. I will have a word with the tech guy from my hosting company about this.

The redirect in .htaccess makes the links in my shop more search engine friendly, and commenting it out gives me blank pages in the shop. Am I going to have to choose between being search engine friendly and keeping the guestbook full of memories (including memories of some who are no longer with us)? I do hope not!

Not at all. It just needs to be rewritten correctly.

Posted: Tue May 06, 2008 2:24 pm

Raven wrote:

polperro wrote:

Thanks for taking the time to look at it and get it working again for me, and I'm sorry that I was giving you incorrect information. I will have a word with the tech guy from my hosting company about this.

The redirect in .htaccess makes the links in my shop more search engine friendly, and commenting it out gives me blank pages in the shop. Am I going to have to choose between being search engine friendly and keeping the guestbook full of memories (including memories of some who are no longer with us)? I do hope not!

Not at all. It just needs to be rewritten correctly.

That's beyond my capabilities. I've removed links to KISGB (but left the KISGB folder where it was) whilst I try to find a way to get it working again without removing my search engine friendly urls.

Sorry for wasting your time and falsely accusing KISGB of being the cause of the problem.

Posted: Tue May 06, 2008 5:59 pm

Dave,

I am not upset, especially not with you Laughing

. I can be sarcastic with a very dry sense of humor so please don't take anything personally! If you will give me an example of an input link and how you want it rewritten I'm sure I can write it for you.

I didn't take it as an affront to KISGB. I am just so sick and tired of these dime-a-dozen so called "techs" who don't know their a** from a hole in the ground. And trust me - I run into them constantly Wink

Posted: Wed May 07, 2008 6:10 am

Gaylen,

It's typically kind of you to offer to help, but it's not KISGB which is causing the problem. There are a few add-ons which make search engine friendly urls for osCommerce and the 3 that I've tried so far use methods which break one aspect or another of my shop or site. This one breaks the guestbook. It's up to me to find a method which doesn't break anything. So I'll remove the add-on and search for a better way.

I know guestbooks are unfashionable nowadays. But I still like them, and KISGB has been there since my site started and holds posts from friends who are no longer alive. So I'll do what I can to keep KISGB, which has worked flawlessly for many years. Besides which, it's the only guestbook with a Cornish flag!

Thanks again for all your help, and that includes showing me where this current problem originates from.

All the best to you,
Dave.

Posted: Wed May 07, 2008 11:49 am

You might try using your rewrite rule in a directory container so that it excludes the guestbook folder. This is just a pseudo-code example. You will need to work out the specific syntax.

<Directory !guestbook>
RewriteRule blah blah
</Directory>

BTW, search engines pretty much don't care anymore about the shortened url's according to what I've been reading. But, I agree, they definitely look nicer.