I have a serious Security Issue I believe.

New Member Joined: Jan 25, 2006 Posts: 2

I'm new here and still kind of new to using php-nuke. I'm using version 7.9.31 and have come upon a pretty serious problem I think.

I have been using a application called GsiteCrawler to generate a sitemap for my website. It's a nice program and work well. The problem is that while it is crawling your website using multiple crawlers the website gets corrupted. Or, rather the MySql database it uses gets corrupted.
I was using it and while it was running crawling my site I opened my browser and went to my site. Many parts of the site were no longer operating (modules and Blocks). Some were not even visible. I knew it was a database problem. I the went to admin.php and it displayed the form for entering a new admin name and password. Just like it would when you first install php-nuke and go to admin.php.
I didn't want to enter in new admin logon name and password fearing it would screw up the database even more. So, I went into my server control panel and checked out the database. It was showing that many tables had be corrupted. I had to manually repair each table.
I went back to the my website with IE and now everything was functioning good as it should.

Now I've run GSiteCrawler several other times and everytime I run it to crawl my site it does exactly the same thing again. Once I noticed a error message that Database had run out of memory. I had to have my website host reset the server to get things working again.

The whole issue here seems that running GSiteCrawler will corrupt the MySql Database and allow someone to enter admin.php and reset the admin's logon name and password. It seems to overload the server I think. Maybe something to do with using sessions I think. As it is one of the tables that get corrupted.

I not sure why this happens as I'm not well versed in MySql or Php programming. I have only a few months experience with it so far.
So, maybe someone here can look into this better then I can.

Thanks,
Bryan

Posted: Wed Jan 25, 2006 10:19 am

I use the same software so it isnt that.
I may be your host has set a limit on the number of mysql requests it allows to prevent resources from geting out of hand - on you on a shared hosting environment?
BTW you can limit the number of crawlers it uses through its config interface - it will take linger to crawl your site but it may be worth trying.

Posted: Wed Jan 25, 2006 10:45 am

Guardian2003 wrote:

I use the same software so it isnt that.
I may be your host has set a limit on the number of mysql requests it allows to prevent resources from geting out of hand - on you on a shared hosting environment?
BTW you can limit the number of crawlers it uses through its config interface - it will take linger to crawl your site but it may be worth trying.

I set crawlers to 3 last night and it did it again. It's odd too that my Host's admin panel offers PhpMyAdmin and it also generates a error when trying to log into it. The Admin panel also allows you the option to repair your database files so this is what I have to use to get my site working again.
Yes, I'm on a shared server I believe.
If this program causes a problem like this using only 3 crawlers what will happen then I get more the 3 users at the same time on my site. My website is only about a month old and I don't get any traffic to it yet.
Do you think if I get 3 or more users I'll have a similar problem?
Also even if the host is limiting the number of Mysql requests how does this cause my Database to get screwed up?
Sorry for so many questions I'm just trying to get a handle on whats going on. I like php-nuke alot. I use to run subdreamer and it wasn't as good as others have said. Mambo might be my next choice if Php-Nuke causes to many security problems. Although I guess mambo has it's problems also.

Thanks,
Bryan

Posted: Wed Jan 25, 2006 4:29 pm

I'm far from an expert but the fact you are implying the data is getting corrupted seems to indicate a problem with yout host.
Perhaps they update their mysql version recently and only did half the job?
Contact your host and ask them whats going on.

Posted: Wed Jan 25, 2006 7:25 pm

BryanSw,
Id this a "Fresh" site? How much content do you have in it? My suggestion is to DUMP 7.9 like a HOTT ROCK and go with Ravens Distro. The greatest minds of the Nuke world still don't have 7.9 close to secure. 7.6 is the best it gets.

Dawg

Site Admin Joined: Jun 04, 2004 Posts: 6433

I agree with Dawg about using 7.6 - and RavenNuke76, specifically, but I think Guardian is correct, too. The problem seems to be with the host - or with the database running on the host server. The database software could be messed up, or simply not configured correctly. Either way, I'd suggest requesting that the host look into it. I'd bet that other sites on the same server have similar issues.

New Member Joined: Jan 10, 2006 Posts: 13

How about using the OS permissions and lock down the admin.php & /admin folder? Then utilize SSL to secure the login process.

Posted: Sat Feb 11, 2006 6:11 am

SSL will only secure the log-in process, it will not secure code which is buggy or susceptable to a vulnerability.

Posted: Sat Feb 11, 2006 5:25 pm

BryanSw wrote:

I went into my server control panel... It was showing that many tables had be corrupted. I had to manually repair each table...

Can you explain this a little more -- how you determined they were corrupt -- exactly what you did 'manually' to fix them, et cetera?

Personally, when my sql db gets corrupt, I use phpMyAdmin to repair the problem[s]. Works every time, and it's a simple point n' click, 'push-button' process. Wink

The only 'manual' thing I do in my db (on a regular basis) is get rid of bogus HTTP referers, from porn sites, and such, e.g. 'referral spammers'...