FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Password Protected Directories





alkutob
Today I tried to enter my site ( MKportal + forum ) as usual , but I was shocked when I found this error in the main page of mkportal
Code:
kcEMq7N398
Warning: main(..//Settings.php) [function.main]: failed to open stream: No such file or directory in /home/alkutob/domains/alkutob-jordan.frih.net/public_html/mkportal/include/SMF/smf_driverf.php on line 37

Warning: main(..//Settings.php) [function.main]: failed to open stream: No such file or directory in /home/alkutob/domains/alkutob-jordan.frih.net/public_html/mkportal/include/SMF/smf_driverf.php on line 37

Warning: main() [function.include]: Failed opening '..//Settings.php' for inclusion (include_path='.:/usr/local/lib/php') in /home/alkutob/domains/alkutob-jordan.frih.net/public_html/mkportal/include/SMF/smf_driverf.php on line 37

Warning: main() [function.main]: open_basedir restriction in effect. File(/QueryString.php) is not within the allowed path(s): (/home/alkutob/:/tmp/:/var/tmp/:/var/www/:/usr/local/lib/php/:/etc/virtual/) in /home/alkutob/domains/alkutob-jordan.frih.net/public_html/mkportal/include/SMF/smf_driverf.php on line 40

Warning: main(/QueryString.php) [function.main]: failed to open stream: Operation not permitted in /home/alkutob/domains/alkutob-jordan.frih.net/public_html/mkportal/include/SMF/smf_driverf.php on line 40

Fatal error: main() [function.require]: Failed opening required '/QueryString.php' (include_path='.:/usr/local/lib/php') in /home/alkutob/domains/alkutob-jordan.frih.net/public_html/mkportal/include/SMF/smf_driverf.php on line 40


The forum was still working fine ...

I askes some friends about this error and the reason of the presence of SMF in the message error while I am using phpbb , and they adviced me to check ( conf_mk.php ) file .

I checked this file and found all the information of the mkportal was deleted and a new code was left
Code:
<?php
echo "kcEMq"."7N398";
?>


When I asked about this code , I was told that somebody was able to change this file .

I will backup my site now but how can I protect my files ?

Is using the feature of Password Protected Directories in DirectAdmin useful for protecting my files ?

Help me please
ChrisCh
alkutob wrote:
Is using the feature of Password Protected Directories in DirectAdmin useful for protecting my files ?

It is very useful - but keep in mind that anything you protect with this will require you to login separately just to view the file - and passwords can only be managed from the DirectAdmin panel. So if you were going to go down this track, then I would suggest only using it on important config files rather than your whole site.
alkutob
Yes ... I tried to protect the forum folder but when members need to login

they will be asked to enter the password .

So I will try only to protect the config.php file of the forum and the

conf_mk.php file of mkportal ...I hope this will not affect the login into

the forum or the portal .

Thank you ChrisCh
Bondings
Password protecting files won't help in your case. The config files are not visible anyway and also not editable to normal users.

What I understood that happened is that someone (or a bot) found an exploit and changed your config file. If that is the case, then you need to patch your software (smf) and install the latest version.
alkutob
Bondings wrote:
Password protecting files won't help in your case. The config files are not visible anyway and also not editable to normal users.

What I understood that happened is that someone (or a bot) found an exploit and changed your config file. If that is the case, then you need to patch your software (smf) and install the latest version.


Yes exactly , someone changed my portal conf_mk.php file and the message which appear due to that changes made it as I have SMF forum in the time that my forum is phpbb2.0.19 version .

And these changes were happened when I installed the eXtreme Styles mod to be able to use MorpheusX Template .
When I tried to uninstall an old templates there was the FTP Configuration feature
Quote:
FTP Configuration
To use this feature you must set FTP settings. A password will not be stored and eXtreme Styles will ask you for a password every time you select functions that requires FTP access


I supplied my information with my password and then after less an hour my files were changed .

I think they restore the passwords there !!!!

I made a backup and changed my passwords , and now searching more secure ways to protect my files and efforts

Thank you Bondings for your interest
Related topics
My site and Questions about it
password protected directories with directadmin?
Domain issue!!!!1
trying to put up forums... help?
Password Protected pages
Servers
Sobre o Painel de Controle
htaccess
403 forbidden
pasword gate
How can I make a login page?
how to protect a directory HELP
Directory/Script protection
how do you setup password protected directories?
Reply to topic    Frihost Forum Index -> Support and Web Hosting -> Web Hosting Support

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.