Boojum

Thank you. I did experience some connection problems yesterday thanks to router issues outside my control, so perhaps it was just that. I'll try to update the page again tonight and see if the problem persists.

I've been using FileZilla 3.9.0.6 to upload files to my site. This worked well until yesterday, when I tried to update my "404" error page (whose URL I apparently cannot display in this post, so I attach a copy of the source file). When I did this, the server returned a parsing error, complaining of an "unexpected" text string in lieu of/before the DOCTYPE declaration. I carefully inspected the source page on my hard drive and found no such string, but as a precaution I copied the DOCTYPE declaration from another page that displayed correctly and uploaded again ... with the same result. After several rounds of failed attempts to repair this problem, I restored the page from backup. Now it displays properly but is out of date. On investigation, I discovered that FileZilla has a known security hole: It transmits passwords in clear text. I now ask the advice of FileZilla experts on the forums. 1) Do you have any idea what would cause the parsing error I described, and is there a workaround? 2) Is it likely that the security breach explains this error? 3) Am I best advised to abandon FileZilla and download another FTP program? 4) If so, which one?

I'll do that. Thanks, Thomas.

When I tried to enable Hotlink Protection through CPanel, I got this error: "Hotlink Protection There was an error while enabling hotlink protection. Show Details Apache detected an error in the Rewrite config. Syntax error on line 2 of /home/squortc/public_html/.htaccess.wPvgA9KbyWMvOKBOc2mrwl_EUPM8ncKo: Invalid command 'suPHP_ConfigPath', perhaps misspelled or defined by a module not included in the server configuration Please try again." (Note: the "Show Details" link doesn't work.) Now, the line in question was inserted in my .htaccess file by an admin to enable PHP includes without compromising security, and I hesitate to tamper with it. What do I need to reset to correct this conflict?

I don't believe there's anything too sensitive in them, so here they are. 1) Primary domain: suPHP_ConfigPath /home/squortc IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti* order deny,allow deny from all allow from all order deny,allow deny from all AuthName www.squort.com AuthUserFile /home/squortc/public_html/_vti_pvt/service.pwd AuthGroupFile /home/squortc/public_html/_vti_pvt/service.grp Redirect permanent /family.html http://www.squort.com/family.php'>http://www.squort.com/family.php Redirect permanent /links.html http://links.squort.com/index.php'>http://links.squort.com/index.php Redirect permanent /chess.html http://santa-cruz.squort.com/chess/index.php'>http://santa-cruz.squort.com/chess/index.php Redirect permanent /csa-princ-english.html http://nation-and-world.squort.com/alliance/principles.php'>http://nation-and-world.squort.com/alliance/principles.php Redirect permanent /csa-intro.html http://nation-and-world.squort.com/alliance/index.php'>http://nation-and-world.squort.com/alliance/index.php Redirect permanent /up-intro.html http://nation-and-world.squort.com/unity/index.php'>http://nation-and-world.squort.com/unity/index.php Redirect permanent /quotes.html http://nation-and-world.squort.com/issues/quotes/index.php'>http://nation-and-world.squort.com/issues/quotes/index.php Redirect permanent /iraq.html http://nation-and-world.squort.com/issues/essays/iraq/why-invade.php'>http://nation-and-world.squort.com/issues/essays/iraq/why-invade.php Redirect permanent /iraqimages.html http://nation-and-world.squort.com/issues/essays/iraq/war-crimes.php'>http://nation-and-world.squort.com/issues/essays/iraq/war-crimes.php Redirect permanent /twisted.html http://humor.squort.com/twisted.php'>http://humor.squort.com/twisted.php Redirect permanent /warthog.html http://humor.squort.com/warthog.php'>http://humor.squort.com/warthog.php Redirect permanent /devdict.html http://humor.squort.com/devdict.php'>http://humor.squort.com/devdict.php Redirect permanent /jokery.html http://humor.squort.com/jokery.php'>http://humor.squort.com/jokery.php Redirect permanent /kaleidoscope.html http://downloads.squort.com/kaleidoscope.php'>http://downloads.squort.com/kaleidoscope.php # #php_value include_path ".:/usr/local/lib/php:/home/squortc/public_html/economy/marxism_inc.php" # ErrorDocument 404 /errors/404.php 2) Economy subdomain: IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti* order deny,allow deny from all allow from all order deny,allow deny from all AuthName www.squort.com AuthUserFile /home/squortc/public_html/_vti_pvt/service.pwd AuthGroupFile /home/squortc/public_html/_vti_pvt/service.grp Redirect permanent /family.html http://www.squort.com/family.php Redirect permanent /links.html http://links.squort.com/index.php Redirect permanent /chess.html http://santa-cruz.squort.com/chess/index.php Redirect permanent /csa-princ-english.html http://nation-and-world.squort.com/alliance/principles.php Redirect permanent /csa-intro.html http://nation-and-world.squort.com/alliance/index.php Redirect permanent /up-intro.html http://nation-and-world.squort.com/unity/index.php Redirect permanent /quotes.html http://nation-and-world.squort.com/issues/quotes/index.php Redirect permanent /iraq.html http://nation-and-world.squort.com/issues/essays/iraq/why-invade.php Redirect permanent /iraqimages.html http://nation-and-world.squort.com/issues/essays/iraq/war-crimes.php Redirect permanent /twisted.html http://humor.squort.com/twisted.php Redirect permanent /warthog.html http://humor.squort.com/warthog.php Redirect permanent /devdict.html http://humor.squort.com/devdict.php Redirect permanent /jokery.html http://humor.squort.com/jokery.php Redirect permanent /kaleidoscope.html http://downloads.squort.com/kaleidoscope.php AddType application/x-httpd-php52 .php php_value include_path ".:/usr/local/lib/php:/home/squortc/public_html/economy/marxism_inc.php" --- So, how much of all that verbiage do I actually need? ;-)

Thanks, Bruce. I was wondering about that last. These files may be in part legacies from my former site, Squort.com, which used the same account. It occurs to me that the files could themselves have caused the installation of the FP extensions. In fact, the files contain a great deal of what seems to me to be obsolete or irrelevant material: redirects for Squort.com and the like. There's also some language that simply mystifies me. If you'd like, I could upload the contents of both (they're quite short) so you can see what I'm talking about. Also, does each subdomain need its own .htaccess, or is that required only for the primary domain? Sorry to drown you in questions.

Today I discovered a new folder, called "test" in my main directory. The folder contained one file, titled ".ftpquota"; this file contained the following text string: "0 0" (zero space zero). Its creation date/time was Dec. 15 at 1:25 a.m. What might this mean, and should the folder be deleted?

The answers would depend on what you mean by "at one time" and "old." :-) The principal domain has existed since, I believe, 2008, but the subdomain was created in late 2010 or early 2011. Now: When I do remove the extensions and re-upload the .htaccess files, should I anticipate any possible complications?

When I visited the "Password Protect Directories" page on CPanel, I discovered that my main domain and one of my 11 subdomains have FrontPage extensions installed on them, while the remaining subdomains don't. I'm puzzled as to why this should be so. I never installed FrontPage myself, so assume TCH installed it for me at some point, but why only on those two domains? Also, from what I understand, the extensions are not recommended and should be uninstalled. Is there any reason why I shouldn't uninstall them from the two domains that have them, and then proceed to re-upload my .htaccess files for those domains? Or is there anything else I need to be aware of before doing this?

Ahem. *Does* anyone here know anything about startcom and similar free SSL certification services?

Precisely: A privacy policy should be an honest statement rather than an unfulfillable promise. That's why I raised this question, having seen too many sites guarantee privacy and information security, while running entirely under http, prompting the question, "How do you *know* users' information is really secure?" It's my personal conviction that ultimately *every* webpage should be encrypted. Even this would provide no absolute certainty of privacy, but it would definitely be better than sending all communications from site to user, and vice versa, in the clear. Given, however, that implementing this would be unwieldy and tend to slow communication if over-applied, I am interested in finding a way to make contact forms, comment modules and donation forms secure. One suggestion I've seen elsewhere is to use startcom's free SSL certification service, but I've also read that its certificates are not universally honored. Also, the process of installing them seems a bit awkward and complex. Anyone happen to know more about startcom and equivalent services? I'd definitely like the option of generating some encrypted pages so I can offer a fair assurance of security to correspondents, commenters and donors, but I really know very little about how to effect this.

I'm running a noncommercial (journalistic) site, so I don't need to implement a full ecommerce solution. However, I do use feedback forms and ideally would prefer to arrange donations without using Paypal or its equivalent. My concern is that, at the least, communications with visitors can be potentially intercepted and information about the users stolen; I'm afraid this might tend to invalidate any privacy policy I might post, since it means I can't really promise that people's private information will stay private. What would you recommend I do to offer my visitors private communications without investing in an SSL certificate -- which I understand can be quite expensive? I need a no- or low-cost solution that makes my privacy policy meaningful.

Hello, Thomas. Long time, no see. I'm actually thinking more along the lines of a sort of generic script that I can customize to suit my site. WordPress is entirely out of the question; I want a maximum of autonomy and a minimum of prefabricated design. I thought about Disqus, but there I run into a technical issue: I'm using Mac OS 9 (and am unable to upgrade right now because of financial strictures), and Disqus isn't recognizing my browser or letting me log in.

I'd like to create a box on each of my pages so readers can leave comments, preferably with a Captcha system to filter spambots and some means for me to delete comments from human spammers. Can anyone suggest a solution for this that will work well with CPanel and the software pre-installed on TCH's servers?

bane

Hybrid.

Thank you, MadmanMCP/Bob and abinidi, for presenting the above suggested solutions. I think, however, that there is a fatal flaw in all of them: As I specified in my previous post, the image distortion appears only on my site. I can't imagine this would occur in any of the scenarios suggested. What I wonder is whether my ISP could, without notifying me, have cached the images on its own server in low-quality format to save a bit of bandwidth (at my expense, but then, business has -- for the most part -- no ethical objections to shortchanging its customers if doing so will increase profits).

My thanks to all of you for examining my site and letting me know what you saw. Apparently, this will remain an unsolved mystery for the moment. The images, as seen on my computer, are still "off," as they have been for a bit over two months. Clearing my browser cache has no effect, and the problem does not appear to affect any other sites. It will soon cease to be relevant anyway; I'm about to redesign some of the images in question.

I have cleared my browser (IE 5.16 for Mac OS 9) cache roughly 30 times in the two months during which this problem has manifested. This does not appear to be the issue.

A new mystery: Why would the images I use on my site spontaneously deteriorate? I uploaded the great majority of my images over a year ago, and have not altered them in any way, and yet I suddenly find over the past month or so that most of them no longer look like the images I constructed and uploaded. In particular, the mouseover states of my navigation tabs and buttons look strange: Ordinarily in shades of gray "glass" with turquoise text, they now have streaks of red that I cannot account for, and the text is virtually illegible. Also notable is the newly apparent roughness of the "metal" bars I use for my site slogan and copyright warning. And in general, virtually all the images look jagged and of inferior quality -- which they were not previously. Has anyone else had a similar experience, and if so, what causes it and is there any remedy? (Note: If needed for purposes of comparison, I can upload samples of the original images from my computer.)

This is getting bizarre. I am once again unable to log into CPanel for Squort.com. I attempted to do so, using the default login info that appeared when I went to the page, and received a "login attempt failed" message. I then tried typing in the new password to which I had recently switched: login failed. Then tried the previous password, with the same result. Then tried the one created before that, again to no effect. The upshot is that I am now unable to access CPanel for my own site, for no apparent reason, and I would like to know why. (Please note that both this forum and CPanel itself seem to have problems "remembering" my computer, which perhaps has something to do with the OS I'm using: Mac OS 9. It seems to me that this represents bugs in the underlying software for both programs, and since they are programs selected by TotalChoice, I am not willing to accept being told "Contact the softwaremakers" again; it is, simply, not my responsibility to do that, and if I were making the choices, the softwaremakers would have either corrected such persistent problems by this time, or I would have rendered their failure to do so irrelevant by replacing them with someone who can be trusted. This needs to be addressed.)

Thank you, Bruce. I will open a help desk ticket as advised. However: I still want someone to explain what happened to cause my previous posting on this subject to disappear without a trace. It's hard to feel a sense of confidence in the forums if your posts simply quietly cease to exist.

I now have two questions: 1) I cannot change my password in CPanel (for www.squort.com), although my continuing access to the panel argues that I am in possession of and using the correct password. Instead, I keep getting a password records error. Can anyone explain this, and how do I correct it? I need to update the password in light of security concerns in the wake of the recent file-deletion issue referenced in another topic on this forum. 2) I posted this same question last night as soon as I became aware of the problem. When I returned just now to check for replies, however, I found that my question had vanished from the forum without explanation. I then attempted to go directly to the page containing the question itself from my browser history -- and promptly received another error message, this one telling me that the link to the page was bad or outdated! What gives?

Thank you, gentlemen. The directories and their included files have been restored. Now let's hope they stay put this time.

Confirmation: The subdirectories for quotes, essays and the Common Sense Alliance inside /nation-and-world/ are indeed missing. Now: How and why would this occur, and what is the simplest remedy? (It is noteworthy, by the way, that the missing directories contained most of the potentially contentious or controversial essays on the site. This does tend to lead to a suspicion of foul play.) Also: How do I go about quickly detecting any future such errors or deletions from my site? Is there any less onerous method than hand-checking each page frequently?