Make
-
Posts
46 -
Joined
-
Last visited
Posts posted by Make
-
-
During testing of phpBB mail system today because of newsletter
i send by accidence "test" email to all user instead only to myself.
I saw it after 5 second and stopped whole process but probably some user did receive message.
I would like to deep apologize Totachoice team and ask to forgive me.
If it is needed to take a contact with helpdesk let me know.
Thanks
Edit:
I did a send my apologize email to helpdesk
-
Reading this whole thread one question come to my mind.
Do you have guys maybe a plan to add another extra large webhosting plan for much more price or maybe upgrading of platinum plan with more bandwidth and diskspace for of course more price?
Actually i do not have any problems at the moment but you never knows what future can brengt to you and $2.50 per month per Gigabyte is probably expensive solution for a lot of customers.
-
I warn yesterday people on phpBB about new exploit and hope that they gonna to do something very soon.
News is from securiteam and i'm not gonna to post all info's (there is whole code in C Source.Just first few sentence but i'm affraid that the news will be today or tommorow on all security site:
phpBB is "a high powered, fully scalable, and highly customizable Open Source bulletin board package".
Registering multiple users and performing malformed search queries using these users can be used to cause a DoS against the phpBB product
Vulnerable Systems:
* phpBB version 2.0.15 and prior
Exploit:
/*
--------------------------------------------------------
[N]eo ecurity [T]eam [NST] - Advisory #15 - 00/00/06
--------------------------------------------------------
Program: phpBB 2.0.15
Homepage: http://www.phpbb.com
Vulnerable Versions: phpBB 2.0.15 & Lower versions
Risk: High Risk!!
Impact: Multiple DoS Vulnerabilities.
-==phpBB 2.0.15 Multiple DoS Vulnerabilities ==-
---------------------------------------------------------
- Description
---------------------------------------------------------
phpBB is a high powered, fully scalable, and highly customizable
Open Source bulletin board package. phpBB has a user-friendly
interface, simple and straightforward administration panel, and
helpful FAQ. Based on the powerful PHP server language and your
choice of MySQL, MS-SQL, PostgreSQL or Access/ODBC database servers,
phpBB is the ideal free community solution for all web sites.
- Tested
---------------------------------------------------------
localhost & many forums
- Explotation
---------------------------------------------------------
profile.php << By registering as many users as you can.
search.php << by searching in a way that the db couln't observe it.
-
I've already send my reply to support but it is question how long i'll wait.
Every second count.
About bounce mail via mail programs (it send mail back to sender as the mail does not exist) we need to know.
Can we use it or not???
Using wonderful system from mailwasher to send back mail contain advertenties and viruses gave me a trouble right now.
Frustrated and angry.I do not run joke site but seriosly site that actually fight and give help to people for having problems with viruses, spam, privacy etcetc...
Grrrrrrrrrr............
-
Every second that my site is down (suspended without any reason) make me angry (read MAD)!!!!
-
I got message that my site has been suspended because Virus has been sent.
I hope that someone can explain me very soon what's happend here .
I do not use mail on server99 at all.
Just check spam mail via mailwasher everyday and send bounce message (trick used by mailwasher as mail does not exist) to sender (today i did not use it at all).
So please re-enable account and let me know what's happend here.
I'm a surprised and big surprised.
I need more info.This is not proffesional at all TCH Bill Hermonat.
Thanks
Still very angry.If i cant use bounce system with mailwasher then we need to know about it
-
What type of error messages are you getting? Alternatively, if this is for your own use, you might want to look at www.samspade.org.
I got that script couldnt connect to whois server or simple empty response on traceroute?
I would like to make it script available to visitors of my site because my site is a less of more related to networking, privacy etc...
It seems that nobody can tell me of server of firewall behind server block execution of script and connect to any "who is" server and performing traceroute?
-
Thanks for the suggestions everyone. Why do not try to rename picture to whatever.Example Tomas.txt, Tomas.ini or Tomas.rar.
Then just let know recipient to rename it to Tomas.jpg.
I thought about it, but unfortunately its about 100 pics, so I would hate to do it as well as the receiver would hate to rename them back, if there is an easier solution to find just this one pic.
Here you'll find tool that you need for renaiming:
http://lists.gpick.com/pages/File_Rename_Tools.htm
Good luck!
-
I have a few times tried to send some zipped pics through my gmail and every time gmail complains that there is an exe file in this zip file, which gmail don´t allow.
I tried to figure out which of these pics that are supposed to be this exe file, but no luck.
If a pic was named "Thomas.exe.jpg" then I could understand it but all are named like "Thomas.jpg" and so on.
All pics are very viewable, which I understand they would not be if they were exe´s, instead if I clicked on them they would try to launch a installation I assume?
Is there some way I can figure this out.
All other zip files with pics goes through with no problem, its just one that don´t.
Why do not try to rename picture to whatever.Example Tomas.txt, Tomas.ini or Tomas.rar.
Then just let know recipient to rename it to Tomas.jpg.
-
What type of error messages are you getting? Alternatively, if this is for your own use, you might want to look at www.samspade.org.
I got that script couldnt connect to whois server or simple empty response on traceroute?
I would like to make it script available to visitors of my site because my site is a less of more related to networking, privacy etc...
-
Is this disable on totalchoicehosting servers?
I''ve installed one script and it seems that traceroute, whois, ping etc... does not works!?
Is it true or is it error from my side?
Thanks
-
Sorry for the confusion. I've editted my post to make it a little clearer. I was answering too quickly before I had to run to a meeting before.
Also note that you would need to change the permissions on the .conf file to 444 so that it will not be overwritten when the stats run with a default config file.
Thanks for help.Chmod to 444 done and editing done too.
-
If the script uses excessive resources and causes the server to crash then the account would be suspended and the owner notified.
We have had AWStats set up in the past to display the IP only but then we received many requests for showing the hosts. You can edit the config file for AWStats to turn off the RDNS lookup.
IS possible to show both IP and Hosts.
If not then i would like to do it to show ip but how?
I do not have access to config file of Awstats!?
-
I read over the docs and unless your site is generating a ton of traffic you should be ok installing this.
If you start using more resources and bogging down the server you will be notified to remove the script.
So i can install script and then if it start to use more resources only script will be disabled by hoster and i'll get notice about it without disabling my account?
And what about Awstats and problem with hosts?
Why not IP instead of hosts?
Example myself who visited site very oft have
20703 visits and 446523 hits with only 336.08 MB bandwidth.
So it is very import to have clear ip and not hosts.
One bump!
-
I read over the docs and unless your site is generating a ton of traffic you should be ok installing this.
If you start using more resources and bogging down the server you will be notified to remove the script.
So i can install script and then if it start to use more resources only script will be disabled by hoster and i'll get notice about it without disabling my account?
And what about Awstats and problem with hosts?
Why not IP instead of hosts?
Example myself who visited site very oft have
20703 visits and 446523 hits with only 336.08 MB bandwidth.
So it is very import to have clear ip and not hosts.
-
I would like to know why Awstats display hosts and not ip by totalchoice.Is there any special reason?On my previosly hostings it was always IP and not hosts.
Awstats is cctually excellent statistic but display of hosts instead of IP is a annoying.
I would like actually to invstigate and possible ban:
42.70-84-65.reverse.theplanet.com
who made for march 15895 visits and 15895 clicks and use 840.65 MB ( 10 - 20 times more than any other IP) but reversing hosts to IP give not any info.
Anybody here who can help and answer qeustion above about hosts instead of ip.
Second question is question about Level10 counter?
Is it safe to install such a script (php version)?
http://www.leveltendesign.com/L10Apps/HC/
It looks great and attractive but should this script made a huge pressure on database if you have 40 - 50 visitors online and raising of CPU?
Thanks
-
Thanks for answers.
I've submitted ticket yesterday and got answer.In mean time i asked again by same ticket about some unclearness.I hope to get answer soon.Now is almost 16h that i asked and still did not get any reponse.
Thanks again!
-
As first i do not of this is good category to ask it but moderator is alwyas free to move it.
I'm hosted by totalchoicehosting SERVER 99 about 15 days and subscribed to pay hosting on monthly basis.
I'm very satisfied and would like to ask of is possible to change it montly subsription for yearly.If is possible what happens with the money that i've already paid for the first month.
Thanks
-
Your site looks nice but i'll suggest you to do something about speed of loading.I suppose that flash header is really big. I do not see anything else what should affect load.On my fast connection is needed between 10 - 20 second to load.
-
PM sent.
Thanks
-
Thanks but do you mind if i send you PM to look into my .htaccess file becasue i do not see what is wrong.
It is a huge .htaccess!
Thanks
-
I just look to error log files and find next line:
>[Thu Mar 3 09:28:36 2005] [alert] [client 217.234.241.2] /home/account/public_html/.htaccess: Missing regular expression for SetEnvIf [Thu Mar 3 09:28:36 2005] [alert] [client 217.234.241.2] /home/account/public_html/.htaccess: Missing regular expression for SetEnvIf 3 09:13:08 2005] [alert] [client 81.171.3.2] /home/account/public_html/.htaccess: Missing envariable expression for SetEnvIf
What it means and where to look forpossible errors?
-
Thanks for you replies guys.I did a lot today.
Disabled old board, installed new board with a couple security hacks(one is for blocking worms and Dos attempts),
make a accessing to board via .htaccess/.htpasswd and openly given
login and pass.It is just extra protection from some malicious spammers/robots and some brute forcing programs.
I hope that it will be now good to block some attacks.
However i'm avare that against seriosly attack using hundred zombie pc
do not exist good defense except turn your pc off.
-
Board is already disabled, ip cause problem banned and new board is almost finished but it is not good guarantee if it was Ddos of Flood attack.
My Apology With Phpbb
in CPanel and Site Maintenance
Posted · Edited by TCH-Bruce
Kindly thanks for reply.I feel me actually guilty for such a stupid but afterl all human mistake.I could say that i'm advanced phpBB admin but sometime would to be fast done with testing or modify and then happen mistake.
And searching through similair thread on the forum i found that it is furthermore not allowed at all to use mass email sending to the members of the board.
So i've abonded project "Newsgroups".The idea behind was that member could subscribe for such a group and then receive news from board once a month but because of restriction from totalchoice regarding sending mails to members it is abonded now.
Kindly thanks for reply again.
Edit: TCH-Bruce - removed limit, please don't post limits in the forums