Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by Pony99CA

  1. That notice (posted 5/31/2012 -- yesterday) that you linked to says the following: "Identified during the course of normal QA"? "No reason to believe that these vulnerabilities are known to the public"? Really? Is having client sites get hacked "normal Quality Assurance testing"? Are they just lying? If they really did identify these as part of QA, shouldn't the patch have been available earlier? They also mentioned automatic updates. Does TCH have cPanel and WHM automatically update? Steve
  2. I can log into my cPanel on various sites, but I can't access phpMyAdmin or WHM. Steve
  3. Is that post going to be here, or was it made somewhere else? I'm very curious what happened. A client of mine also reported being hacked (my reseller account is on jandoon), and her password isn't obvious. Based on the extent of the damage, I'd guess they got access to the server as a whole, not individual accounts. I suppose that this loser could have guessed a lot of client passwords (I've seen a hack on a discussion board that I used to help on where they accessed accounts whose passwords were the same as their user names), but I don't think that happened in this case given that my client's password isn't that poor. By the way, you can use a service like my-ip-neighbors.com to find out who else is on your server. Steve
  4. A spammer's post triggered an update notification about this. Was the problem's cause ever described here? I'm still curious what it was. Thanks, Steve
  5. OK, I opened a ticket. The response was to upgrade me to PHP 5.3. Upgrading to PHP 5.3 did fix the problem, but that doesn't explain why PHP 5.2 doesn't display errors. It appears that the transition isn't as seamless as expected. Steve
  6. Since this update was done, something seems to have gone wrong with PHP error handling. I was updating a script that was working a few weeks ago. When I ran it, I got no output, so I added ECHO statements, which did appear. That lead me to believe that there might be an error in my script, so I intentionally added a syntax error and ran the script again. No error message was output! To prove that it wasn't my updates, I took another script of mine, uploaded it, ran it and it worked fine. I then injected a syntax error, ran it and got no output at all. Previously, when I had a PHP error, I'd get output in my browser about the error (type of error, line number, etc.), but I'm not getting that now. Did anything change with regard to PHP errors? Thanks, Steve
  7. I'm trying to block any E-mail containing URLs to Russian, Chinese and Indian sites. I thought that the following regexp would catch most of them: http://('>http://([a-z0-9_+-]+\.)*[a-z0-9_+-]+\.(ru|in|cn) However, for some reason, it also blocks http://www.billrussel.com which I don't want. i've tried various permutations, like: http://([a-z0-9_+-]+\.)*[a-z0-9_+-]+\.(ru|in|cn)\b which also generated false positives. What's a good regexp to use that works both within text and at the end of text? Thanks for any help, Steve
  8. That's good. Can we have any information on what component (high-level -- PHP, Apache, a forum, etc.) was compromised? It will help us determine whether or not we have anything to worry about. Thanks, Steve
  9. If this exploit was unknown to the public, did you forward it to the appropriate software developers and/or reputable security agencies? I'd be curious in knowing what component was exploited (obviously you can't release the details of how the exploit was done). Steve
  10. I just noticed this now. I guess there needs to be a way to auto-subscribe people to their own birthday topic here.... Thanks, Steve
  11. Sorry, maybe I wasn't clear. I meant that IE and ISPs providing their own search pages was like VeriSign's Site Finder, not that it was similar to what Network Solutions is doing by holding the domains themselves. Regarding Network Solutions, do registrars make available data on what domains were searched for? I can understand making data available on what is actually registered, but why would they show what was being searched for? (Well, maybe to get more money, I suppose. ) Steve
  12. Wild West Domains is GoDaddy's subsidiary that allows affiliate domain sales. Compare Wild West Domain.com's WHOIS information: Wild West Domains, Inc. 14455 N Hayden Rd #219 Scottsdale, Arizona 85260 United States with GoDaddy.com's: GoDaddy.com, Inc. 14455 N Hayden Rd #226 Scottsdale, Arizona 85260 United States Look familiar? But see if you can find GoDaddy mentioned on Wild West's site.... However, if you visit GoDaddy's Reseller page, you'll see the link. So it's quite likely that TCH gets a cut of the sales -- not that that's necessarily a bad thing. And it doesn't mean that TCH is registering searched domains, of course. Steve
  13. Network Solutions isn't the only registrar that has been accused of shady business practices. Remember VeriSign's "Site Finder", which basically did default routing (routing unregistered domains to their own page), similar to what Ken Ham did with the .cm domain mentioned in TCH-Dick's post. It seems like Microsoft's Internet Explorer and various ISPs (including Charter, which I use) do the same thing now. Steve
  14. REMOTE_ADDR worked and showed my IP address, but REMOTE_HOST didn't show my host name. IP Chicken does show my host name. It's not a big deal, though. Thanks for the information, Steve
  15. Yes, I can think of a few reasons why somebody might want to do it, but that's just speculation. I want to know why the OP wanted to do it -- there may be better ways to handle the task. One thing a good designer should do is get the real reason for a requirement. For example, if somebody says "I want this text bold on my site", it's easy to tell them about the B HTML tag (or, better, the SPAN tag with appropriate CSS). However, it's better to understand why they want the text bold -- is it just for looks, or is it part of something bigger that may be better handled by creating a new CSS class. Steve
  16. Your question has been answered, but I'm curious why you'd want to do this. From a user interface designer's point of view, scroll bars waste screen space and should only be shown when needed. Steve
  17. I have a PERL script where I'd like to get the visitor's IP address. How do I do that in PERL? I realize that proxies mean that I might not be getting their true IP address, but I don't much care about that. If you can get both the external and true IP addresses, that would be best, but not required. Thanks for any ideas, Steve
  18. I've been using code that I got back in the 90s for my contact form, and it hasn't gotten too much spam (even without a Captcha). You can see two versions of it at http://guest.svvg.biz and http://contact.svpocketpc.com if you're interested (the second one is the better of the two). I did start getting some obvious spam where the spammers were stupid and used the same name for the first, middle and last name fields, so I put a check for that in (and redirected them to a hopefully nasty page). I can't make any claims about the code's security, but if anybody wants to see it, use the contact forms above and request it. (It's written in PERL and works fine on TCH.) If you find a security issue, I'd be interested in hearing about it. Steve
  19. I assumed that you did, but maybe the original poster wouldn't have gotten that. Besides, it gave me a good segue into discussing To filtering and saying that forwarders weren't really necessary with the catch-all. The catch-all approach is nice because, even if somebody mistypes your E-mail address, you'll still get the mail. It might not get routed to the right folder if you use To filtering, but you'll get it. You'll also likely get more spam, but it hasn't been bad on most of my domains as I mentioned previously. Steve
  20. I personally don't have any certificates. I assumed it was an E-mail certificate for authenticated sending. I'll try opening a ticket. Thanks, Steve
  21. In the last few months, whenever I try to send E-mail from my client (Eudora), I get an invalid certificate error. I tell Eudora that's OK, but the E-mail just gets queued, so I have to send it again (which goes through the second time). I don't send lots of E-mail, so it didn't bother me too much. However, I now see the same behavior sending E-mail from my Motorola Q. As I said, this only started happening some time last year. I didn't change my E-mail configuration in Eudora, so I assume the problem is on the server. Could there be a certificate problem on my server (Server377)? Thanks, Steve
  22. I use Eudora as my E-mail client, so I just create a Temp personality which never checks E-mail. When I want to send E-mail out or respond to as one of my aliases, I just put that E-mail address in the Temp personality and then switch my From address' personality to Temp. Steve
  23. It's not just for newsletters -- I use it for any company that I do business with, forums I register at, news sites that force you to register, personal acquaintances, etc. So I'd give Amazon amazon@fake-domain.tld and you somethingelse@fake-domain.tld, for example. That also makes filtering easy. Instead of filtering on the From address (which might change), you can filter on the To address. Remember that they may not have sold your address. Maybe they got a virus or Trojan Horse, for example. And you don't have to lose the newsletter, either. Most sites have a means to change your E-mail address, so just change to the new one, then kill the old one (after any confirmation sent to the old address). If you can't change E-mail addresses, unsubscribe and subscribe with a new address. In fact, you don't even need forwarders for this. I actually just use a catch-all and only create forwarders for addresses that start getting spam. That way I don't need to actually do anything to give somebody a unique E-mail address. The biggest downside with my system is if some low-life spammer spoofs your domain to send spam with random E-mail addresses. I had that happen on one of my domains and had to turn the catch-all off. Fortunately, that wasn't the domain that I do most of my E-mailing from, so I didn't have to go in and create a bunch of forwarders for them. However, on my main domain, I probably don't get 10 spams per week with this system. Sometimes I see a spate of spam, and that's when I create forwarders to bounce them. Steve
  24. Actually, it shouldn't be difficult. Right now, the whole file must be read in (to display the list of forwarders). So if the user clicks an Edit action for a forwarder, the system would know which record was being operated on. When the user made the changes and submitted them, the system would delete the original record and write the new (modified) record (as if the user had added that record). If the software is well-designed (with a Delete method and an Add method), Edit would just be a call to the Delete method followed by a call to the Add method. A competent programmer could probably implement Edit in less than 30 minutes -- unless there's something more going on behind the scenes, of course. Is that the same address I set to :fail:? If so, will that cause problems getting those error reports, or does the system ignore the :fail: setting for mail it sends? I certainly don't want to miss any error messages. Steve
  25. I was hoping that setting the default to :fail: would only bounce "unrouted mail" (and that forwarded E-mail was not considered unrouted). I guess that's not the case. Can you confirm that TCH doesn't send any E-mail to the main account E-mail address? As I've set mine to :fail:, I obviously won't get that now. That certainly helps explain some things -- like why I could create <cpanel-name>@<mydomain>.biz even though <cpanel-name> was also my default address. I assume trying to forward to that full name would be bad in case my server ever gets changed, right? Anyway, I've created another address to forward my E-mail to, and that's working. I just wish this information was more obvious before. It would have saved me from having to redo all of the forwards I had added. Actually, that leads to a wish for cPanel -- that you could edit forwarders. If you want to change a forwarder today, you have to delete the existing one and add the changed one. That's kind of silly, I think. Anyway, thanks for the help and explanations. Steve
  • Create New...