|
|
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
2010-09-12, 07:28 AM | #1 |
Subversive filth of the hedonistic decadent West
Join Date: Mar 2003
Location: Southeast Florida
Posts: 27,936
|
OpenX was hacked on my server yesterday but all is well now.
Woke up yesterday to find Google malware notices on my TGP.
Big thanks to my host Colo-Cation and cd34 aka Sparky for quickly helping in finding and removing the malware from my banners. OpenX was hacked and malware code as appended to my banners. OpenX has been upgraded to the latest version so hopefully this won't happen again. Naturally all this had to happened on one of the few days that I was away from the computer spending the day on an island. Thanks for everyone that sent me a heads up on this. All should be well now. |
2010-09-12, 10:59 AM | #2 |
"Young dumb and full of cum"
|
Seems like Open X is a big target for hackers.
We've had a few issues with Open X also. Too scared to use it again. Glad to see everything is ok
__________________
JAPANESE ADULT AFFILIATE PROGRAM |
2010-09-12, 01:35 PM | #3 |
Subversive filth of the hedonistic decadent West
Join Date: Mar 2003
Location: Southeast Florida
Posts: 27,936
|
It's a fucking mess.
Google now has this in my Webmaster's Tools admin. "A review for this site has finished. The site was found clean. The badware warnings from web search are being removed. Please note that it can take some time for this change to propagate." The database that browsers use to check if a site has malware needs to propagate and it may take a few days to propagate. Unfortunately the database that says I do have malware is still propagating out and then right behind that one will be the database that says I don't have malware. All this may take a few days. I'm having to use Firefox with "Block reported attack sites" unchecked in order to surf my own stuff. |
2010-09-12, 02:14 PM | #5 |
Shift Out / X-On
|
|
2010-09-12, 03:12 PM | #6 |
a.k.a. Sparky
Join Date: Sep 2004
Location: West Palm Beach, FL, USA
Posts: 2,396
|
While safewatch was/is a good concept, due to a few limiting factors of the way google publishes data, the root domain in cleo's case was not tagged, only the /tgp/ directory.
It is still a good indicator since 99% of the malware will be present on all pages.
__________________
SnapReplay.com a different way to share photos - iPhone & Android |
2010-09-12, 05:54 PM | #7 |
Subversive filth of the hedonistic decadent West
Join Date: Mar 2003
Location: Southeast Florida
Posts: 27,936
|
For Safari users I figured out how to turn off the warning so that I can at least surf my own stuff until my domain is removed from the malware database.
|
2010-09-12, 09:03 PM | #8 |
Of all the things I've lost, I miss my mind the most.
|
Just told Cleo in a PM, I just spent hours updating my OpenX. I was on version 2.0.11 and the latest is 2.8. OMG, I had stats for 5 years of banner data, I finally had to dump the log files, the script kept giving me this oh so helpful error:
#! UPGRADE FAILED: tables_core_544 #! omg it all went PEAR shaped! _doQuery: [Error message: Could not execute statement] [Native message: MySQL server has gone away] well sorry to hear it gained weight. before that, it had this one file it wanted you to have, but half way through the install, it tried to write to that, it was there, and bombed out. I'm just glad I got it updated, I went through a hack about a month ago from a banner downloading a trojan, last thing I want is someone hacking OpenX.
__________________
Our 3D Comics and Props on Renderotica |
2010-09-12, 11:20 PM | #9 |
Subversive filth of the hedonistic decadent West
Join Date: Mar 2003
Location: Southeast Florida
Posts: 27,936
|
Looks like my site has been cleared in Safari, Firefox and Crome.
Maybe I can actually get some sleep now. |
2010-09-13, 12:18 AM | #10 |
Subversive filth of the hedonistic decadent West
Join Date: Mar 2003
Location: Southeast Florida
Posts: 27,936
|
Sparky gave a good tip.
I chmod 700 OpenX's admin directory so that no one can access it. If I need to add a banner or something it no big deal to temporally change while I need to access it and then change it back after. At this point I don't really trust OpenX anymore. |
2010-09-13, 08:50 AM | #11 |
You can now put whatever you want in this space :)
|
UGH! I havent cheked my OpenX in a very long time. I guess its time. Thanks for sharing.
|
2010-09-13, 09:55 AM | #12 | |
Of all the things I've lost, I miss my mind the most.
|
Quote:
My old version has been hack free for years, knock wood. I don't know if I'd of upgraded it after seeing all the people with recent versions getting hacked in the community forums.
__________________
Our 3D Comics and Props on Renderotica |
|
2010-09-13, 10:51 AM | #13 |
wtfwjd?
Join Date: May 2007
Posts: 2,103
|
I can't chmod my admin directory...it keeps changing back to 755. Anyone know why? I'm working with the one in the www folder.
|
2010-09-13, 03:43 PM | #14 |
Women might be able to fake orgasms But men can fake whole relationships
Join Date: Oct 2003
Location: Fort Lauderdale, Fl
Posts: 2,408
|
A lot of mainstream sites that are using openx have been hacked lately
|
2010-09-13, 03:59 PM | #15 |
Subversive filth of the hedonistic decadent West
Join Date: Mar 2003
Location: Southeast Florida
Posts: 27,936
|
Actually I was thinking that we could htaccess the admin directory and make it require a password.
|
2010-09-14, 07:06 AM | #17 |
Subversive filth of the hedonistic decadent West
Join Date: Mar 2003
Location: Southeast Florida
Posts: 27,936
|
Last night I password protected my admin directory using htaccess.
|
2010-09-14, 09:25 AM | #18 |
wtfwjd?
Join Date: May 2007
Posts: 2,103
|
Do have the code for that?
My OpenX is not working at all right now. I have an trouble ticket in to see what's going on. |
2010-09-14, 09:36 AM | #19 |
Subversive filth of the hedonistic decadent West
Join Date: Mar 2003
Location: Southeast Florida
Posts: 27,936
|
To password protect a directory.
First go here and encrypt a userID/password. http://www.e2.u-net.com/htaccess/make.htm In a directory someplace on your server create a file named. Code:
.htpasswd Now in the directory that you want to protect create a file named Code:
.htaccess Code:
AuthUserFile /path/to/your/password/file/.htpasswd AuthGroupFile /dev/null AuthName "Whatever You Want The Password Dialog To Be Called" AuthType Basic <Limit GET POST> order allow,deny allow from all require valid-user </Limit> |
2010-09-14, 10:30 AM | #20 |
wtfwjd?
Join Date: May 2007
Posts: 2,103
|
Excellent, thanks Cleo!
|
2010-09-14, 08:59 PM | #21 |
a.k.a. Sparky
Join Date: Sep 2004
Location: West Palm Beach, FL, USA
Posts: 2,396
|
Appears if you are using anything but the javascript delivery, the admin directory cannot be protected.
LD, in the control panel, you can automatically generate .htaccess/.htpasswd files.
__________________
SnapReplay.com a different way to share photos - iPhone & Android |
2010-09-14, 09:12 PM | #22 | |
Subversive filth of the hedonistic decadent West
Join Date: Mar 2003
Location: Southeast Florida
Posts: 27,936
|
Quote:
Does it work if you chmod 700 the admin directory? Never noticed the htaccess thing in our control panel but I also never looked for it. |
|
2010-09-14, 09:24 PM | #23 |
a.k.a. Sparky
Join Date: Sep 2004
Location: West Palm Beach, FL, USA
Posts: 2,396
|
I believe the iframe and php includes try to include a file from the admin directory for some display function. It does indeed break when the admin directory is set to chmod 700.
Javascript delivery appears to have been written after the fact and doesn't use those includes and works when the admin directory is chmod 700.
__________________
SnapReplay.com a different way to share photos - iPhone & Android |
2010-09-14, 09:44 PM | #24 |
wtfwjd?
Join Date: May 2007
Posts: 2,103
|
I'm all protected now, thanks guys.
|
2010-09-14, 10:49 PM | #25 |
Subversive filth of the hedonistic decadent West
Join Date: Mar 2003
Location: Southeast Florida
Posts: 27,936
|
I liked this program a whole lot more back when it was PhpAdsNew. The admin was way less confusing and it did everything that I needed it to do and was simple to use.
It seems like it has turned into bloatware with all kinds of features that are only needed by a few. |
|
|