TweezerMan

Welcome to the forums, Mr. Wobbles!

Copying / duplicating a database just isn't an option. The only way to create a new database is by adding one on the "MySQL Databases" page in CPanel. TCH servers are set up so that scripts do not have the ability to create databases on their own, and this includes phpMyAdmin functions that create databases. To effectively duplicate a database, you'll need to 1) create the new MySQL database in CPanel, 2) perform an export of your existing MySQL database, then 3) import the MySQL export into the new database. Assuming you're performing the export with phpMyAdmin, you should select the "gzipped" option under "Compression". This will reduce the size of the export file by 80-90%, which should allow you to export and import databases that are up to 250-500MB in size. A 50MB database should be compressed to into something like a 5-10MB file. I get about 83% compression with my MT 3.2 database when it is exported and gzipped.

BlackCat and I have exchanged a few PMs on this already. The problem was code like this that was already in the .htaccess file: ><Limit GET POST> order allow,deny allow from all </Limit> Since a web page request will typically be a 'GET' request, the web server will obey the above directives (as they are in a more specific context) and ignore the ones that you added to the .htaccess file (which were not in a specific context). With this configuration, the web server will not enforce any 'deny from' directives elsewhere in the .htaccess file - it will grant access to everyone based on the 'allow from all' directive. I suggested to BlackCat that she change the above directives to the following: ><Limit GET POST> order deny,allow </Limit> ...and remove the 'order' directive from the code I suggested to block referers from the site in question: >SetEnvIfNoCase Referer referrerdomain\.com bad_referer Deny from env=bad_referer BlackCat informed me that links from that site are now being properly blocked.

Different Linux distributions use different formats and different programs to install applications and libraries. "RPM" refers to what RedHat and RedHat-based distributions use. "RPM" is short for "RedHat Package Manager", which is the application that retrieves and installes applications and libraries that have been packaged in the "RPM" format. Debian uses a different format and program to install applications and libraries. "apt-get" (I believe) is the program Debian uses to retrieve and install its packages, which are in a different format than "RPM" packages. A number of Linux distributions use the Debian "apt" style packages and "apt-get" to install them. I am not familiar with "YUM" - it's been too long since I've messed with Linux. The main thing you'd need to know is that your Linux distribution will most likely use and support one type of package to install applications and libraries. So, for example, if you have a Linux distribution installed that uses RPM-based packages, you would not be able to download and install packages from a server that has Debian "apt" style packages on it (and the reverse is true as well). Hope this helps...

Your computer may be displaying a locally cached version of your web site, which could make it appear that the .htaccess directives aren't working. You might try clearing your browser's cache, then clicking that link again to see if the .htaccess blocking is really not working. If you'd be willing to PM me a link on their site that contains a link to yours, I can check your .htaccess blocking from my PC also.

Without seeing what you actually put in your .htaccess file, it's hard to say whether there's anything wrong or not. .htaccess files, and mod_rewrite directives in particular, can be finicky about even one character mis-typed. I am cuirous - how do you know so quickly that it is not working? I don't know if you literally meant you put the entire URL in the .htaccess file, but in this case, you want to enter just the domain name from the referer URL you want to exclude, with the periods (dot characters) in the domain name escaped with a '\' ('\.'). What TCH-Andy suggested should have worked. I would recommend a variant of what TCH-Andy posted: >RewriteEngine On RewriteCond %{HTTP_REFERER} referrerdomain\.com [NC] RewriteRule .* - [F] Using 'r' instead of 'R' on the Rewrite directive names shouldn't matter. On the RewriteCond directive, the trailing '[NC]' indicates "No Case", meaning that the comparison to the referer is a case-insensitive one. (It will catch 'ReferrerDomain.com' as well as 'referrerdomain.com', for example.) If you need to block more than one referer domain, each RewriteRule directive except the last one must also contain the [OR] flag, so the referer will be blocked if it matches any one of the RewriteCond directives, rather than having to match all of them at the same time (the default behavior): >RewriteEngine On RewriteCond %{HTTP_REFERER} referrerdomain\.com [NC,OR] RewriteCond %{HTTP_REFERER} referrerdomain2\.com [NC] RewriteRule .* - [F] Another method to block access by referer, using different .htaccess directives: >SetEnvIfNoCase Referer referrerdomain\.com bad_referer Order deny,allow Deny from env=bad_referer Again, you'd replace 'referrerdomain\.com' with the domain name from the referer URL you want to block (and escape the dots in the domain name - '\.'). If you need to block additional domain names by referer, you can insert more SetEnvIfNoCase lines before the 'Order' directive as necessary. Hope this helps...

Congratulations, Aaron!

Welcome to the forums, DrewT!

Welcome to the forums, Corey!

I think a better question would be whether it's 'expected' rather than 'normal'. A '302' redirect is also known as a 'temporary' redirect. There's a number of things that could be in place on your site that would perform such redirects. 200,000 hits returning a status of '302' does sound like a lot. Did you do anything to your web pages, .htaccess files, or CPanel that would cause these redirects?

Some bots are tracked in AWStats, but the list of UserAgent strings that AWStats recognizes as bots is not even close to being a complete list. If AWStats doesn't recognize the UserAgent, it's not seen as a bot. My experience has been that not that many real live users take the trouble to block referer strings from being sent out. A number of browsers support the ability to modify or block referers sent out, and some personal firewalls can do this as well. There's a number of things that could cause what you're seeing (bots being the most likely to me), but the only way you're going to know for sure is to look at your server logs.

Welcome to the forums, bootstrap!

Actually, I haven't received it yet, but it is on the way. If I'm lucky, it may show up today (Friday); if not, then maybe Monday.

The 'traffic coming from "direct address / bookmarks"' means visitors who request a page from your site but do not send a referer string in the page request. You should be able to tell something about these visits by looking at your server logs, but I'd guess the large number of 'no referer' visits is due to bots visiting your site that are programmed not to send any referer when they retrieve a page from your site.

Welcome to the forums, Basil! Nothing IRC related is allowed on TCH servers, so if your postnuke chat module is the 'unsecure IRC program', it is hopefully removed now, and you won't replace it with any other IRC script. As far as scanning your sites for vulnerabilities, 1) this is something that TCH generally does not do, and it would be difficult for anyone else to do so, 2) security is considered to be your responsibility, so it is ultimately up to you to make sure your sites are running secure scripts and have the latest security updates, and 3) scanning web sites is not a particularly effective means of detecting vulnerabilities, as you can only scan for known vulnerabilities. Even if your site passed such a scan today, there's no guarantee that there isn't a hidden flaw that no one has discovered yet and could be exploited in the future.

The purpose of the files I wrote was to allow Coppermine's main php files to be run as CGI scripts. One file was the .htaccess file which tells the webserver to run .php files as CGI scripts, and the other file was a php script that modifies Coppermine's php scripts by adding one line at the beginning of each script which is required for CGI scripts. After uploading the new upgrade files to the server, all you should have needed to do was re-run the php script I wrote, so the new Coppermine php files would have the necessary line of code added to them. Then the upgrade script should have run without error.

Welcome to the forums, David!

Welcome to the forums, Mark!

Welcome to the forums, Michael!

Welcome to the forums, HWHT!

Basically, it means that PC does not appear to be protected by any firewall at all. (This is *not* a good thing!) In terms of your issues with accessing CPanel, I don't think it means anything at all, as the test checked inbound ports on your PC, while you use an outbound port to try to log into your CPanel. I don't know of any issues with using that script, but since it's not clear yet what is causing your issues, I'm not sure that it would help or solve anything.

What happens when you try to browse to http://annasattic.us/cpanel? You may have bigger problems than trying to access your CPanel.

'stblogs' is the cpanel name. I believe the backups should be going into the 'backups' subdirectory, which has been set up with 0777 permissions presumably for this purpose: >// Info required for saving locally $savedir = "/home/stblogs/backups/"; //Save to this directory

Welcome to the forums, Slagers! With that many entries and comments, I suspect that the server is timing out before the export can be completed. You'd need to break up the export into smaller chunks that can be completed before a server timeout. The Movable Type Knowledge Base topic "Customized Exports" describes some ways you can do this. Depending on why you're exporting your entries and what you plan to do with them, you might want to look into performing a database export/backup instead (particularly if you're using MySQL for your database). A MySQL database export is more complete than an MT export and server timeouts are less of an issue. Hope this helps...

Welcome to the forums, mklappen!