——————————————————————
We are sorry to announce the immediate release of phpBB 3.0.7-PL1 to address a security issue which was introduced in 3.0.7, unfortunately the issue wasn’t noticed during testing and has only surfaced a week
after the release of 3.0.7.

We promised working feeds for phpBB 3.0.7. Sadly, we were not able to deliver on that promise – a critical bug in the permission handling for feeds slipped past. To all people who already have updated to 3.0.7, it
is of critical importance to update to 3.0.7-PL1. Otherwise, it is possible for users to bypass permission settings under the following circumstances:

- Feeds are enabled
- Any of the posts or topics feeds are enabled
- The unauthorised user – or one of the groups they are a member of – has forum permissions set on a private forum
- If you have excluded a forum from the list of forums that provide feeds, it is unaffected

The fix for the issue is a single line change inside of feed.php, line 525 has changed from:

$forum_ids = array_keys($auth->acl_getf('f_read'));

to:

$forum_ids = array_keys($auth->acl_getf('f_read', true));

There were no other changes, in particular neither style nor language changes.

——————————————————————
If you are using phpBB 3.0.7 it is strongly recommend to upgrade it immediately to to phpBB 3.0.7-PL1 version.

Related posts:

1. Security vulnerabilities found in HyperVM and LXadmin/Kloxo
2. curl_exec() has been disabled for security reasons in Wordpress 2.7

Error: Fatal error: Class ‘XsltProcessor’ not found in /path/to/filename.php on line XXX

Depending on the server platform / operating system, the installation method may differ.

If you are using cPanel control panel, you will require to recompile your Apache and PHP to enable this PHP extension.

Related posts:

1. phpmailer error : Mailer Error: Language string failed to load: recipients_failed
2. cPanel/WHM configuration
3. error :: MySQL said: Too many connections

After checking all the files/folders of this website, I found some suspicious files in one folder. There was a PHP script along with other files which was adding the spam links in the homepage. The script was simply called by attacker and they were passing some text file as a query string.

This is not an attack on the website but it seems they were adding the links just to populate their keywords in the search engine. I was not sure from where these malicious files were uploaded but after removing these files, I have not faced the problem again.

Just for the information, the link code was started using tag.

Related posts:

1. Getting Website traffic
2. Increase link popularity in Google
3. Reported Attack Site by Google

- Login to your WHM.

- Go to Server Configuration -> Tweak Settings.

- Select option “Prevent the user “nobody” from sending out mail to remote addresses (PHP and CGI scripts generally run as nobody if you are not using PHPSuexec and Suexec respectively.)” and save it.

Please note if PHP processes are running as a nobody user and you enable above option, your clients will not be able to send emails outside their domains using PHP mail() function.

Kailash Aghera

Related posts:

1. Transfer a web site from one server to another using cpanel/whm
2. create an email account in cpanel
3. cPanel for Windows – cPanel Enkompass

If your hosting provider has enabled mod_security with Apache, you may face some problem to post topic, upload images, insert images in the post etc. Since ModSecurity2 does not allow to bypass rules by ID via .htaccess, you will have to contact your hosting provider to bypass some rules for your website. ModSecurity provides facility to bypass rules based on the location. You will require to create global whitelist configuration file to bypass certain rules based on the location.

Recently, I faced problem to upload and insert images in the post. After reading some websites, I found some global rules which I bypassed some ModSecurity rules using global whitelist configuration file which fixed my problem. The rules that I bypassed are as follow (I have put space before LocationMatch and /LocationMatch. Remove that space in your configuration file):


< LocationMatch "/wp-admin/post.php">
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
< /LocationMatch>

< LocationMatch "/wp-includes/">
SecRuleRemoveById 960010 960012 950006
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
< /LocationMatch>

Hope this will help others who are facing the similar problem in their Wordpress blog with mod_security.

Kailash Aghera

No related posts.

To start iptables:
service iptables start

To stop iptables:
service iptables stop

To restart iptables:
service iptables restart

You can determine whether iptables is running or not using following command:

service iptables status

You can also configured iptables to start automatically on boot. You will need to use chkconfig command to turn it on:

chkconfig iptables on

To use above commands, you will need the root access of your server.

Kailash

Related posts:

1. command to restart DNS service
2. Requirement of Boot.ini file on Windows
3. System is not booting

cPanel is planning to provide almost all features which are currently available in cPanel/WHM. They have not committed however. Below are the expected features of Enkompass:

Administrator/Reseller Interface Features:

[1] Server configuration
- Admin Password
- Tweak Settings
- Manage Servers

[2] Support
- Support Center

[3] Reseller
- Reseller Center
- Show Reseller Accounts

[4] Languages
- Clone/Create a New Language
- Upload a Language File
- Download/Delete a Language File

[5] Backup
- Configure Backup
- Restore Backups

[6] Account information
- List Accounts
- List Parked Domains
- List Subdomains

[7] Account functions
- Create a New Account
- Modify an Account
- Password Modification
- Quota Modification
- Suspend Unsuspend Accounts
- Terminate an Account
- Restart Users Websites

[8] Multi – Account Functions
- Modify/Upgrade Multiple Accounts
- Terminate Multiple Accounts

[9] Plans
- Add Plans
- Edit/Delete Plans
- Copy plans

[10] DNS Functions
- Add DNS Zone
- Delete a Zone
- Edit MX entry
- Park a Domain

[11] MySQL Services
- Change a MySQL User Password
- Check/Repair a Database

[12] MS SQL Services
- Change a MS SQL User Password
- Repair a MS SQL Database

[13] IP Functions
- Add a New IP Address
- Show IP Address Usage
- Show/Delete current IPs
- Add Reserved IPs
- Edit/Delete Reserved IPs

[14] System Health
- Current CPU Usage
- Current Disk Usage
- Current Running Processes

[15] Themes
- Clone Theme

[16] cPanel
- Modify WHM News

[17] Server SSL / TLS
- Generate/Request a SSL Certificate
- Install a SSL Certificate
- Activate a SSL Certificate
- Manage FTP Bindings

End user features:

[1] Preferences
- Getting Started Wizard
- Change User Password
- Update Contact Info
- Change Language
- Branding Editor
- Change Style
- Shortcuts

[2] Mail
- Submit a Support Request
- Email Accounts
- Log into Webmail
- Mail Forwarders
- Auto Responders
- Default Address
- Mailing Lists
- MX Entry

[3] Files
- Restore System Backups
- User Backups
- File Manager
- Disk Space Usage
- FTP Accounts

[4] Logs
- Latest Visitors

[5] Security
- Password Protect Directories
- IP Deny Manager
- SSL/TLS Manager

[6] Domains
- Sub Domains
- Addoon Domains
- Parked Domains
- Redirect Pages

[7] Databases
- Create MySQL Database
- Manage MySQL User
- Create MS SQL Database
- Manage MS SQL Users

[8] Advanced
- MIME Types
- Error Pages
- Directory Browsing
- Network Tools
- WebHost Manager
- Restart Websites

For more details, you may visit this article.

Kailash Aghera

Related posts:

1. cPanel/WHM (Web Host Manager) and HELM control panel
2. Transfer a web site from one server to another using cpanel/whm
3. How to change MySQL database collation from phpMyAdmin in cPanel

- SmarterMail 6.x provides businesses and hosting environments with powerful enterprise-level features and collaboration tools, including:

- Smartphone synchronization through Exchange ActiveSync, SyncML, and SmarterMail Sync technologies

- 97% antispam out-of-the-box that delivers comprehensive protection from spam and phishing messages

- Advanced Outlook synchronization and collaboration

- Robust antivirus out-of-the-box that prevents costly downtime

- Detailed reporting at the server, domain, and mailbox levels to provide insight into mail server performance

- Events and notifications that help simplify and automate tasks

- Advanced message archiving compliant with Sarbanes-Oxley and HIPAA regulations

- Leading Web-based interface for administrators and users

You can download free edition from Here

Related posts:

1. FREE Web Hosting
2. cPanel for Windows – cPanel Enkompass

The service, available as a reseller service to resellers of eNom’s web hosting and domain registration services, as well as to hosting providers that don’t resell eNom’s other services, provides website operators with access to an enormous base of content that can be inserted into their own sites via a selection of widgets.

The objective of the service, says Sheridan, is to enable hosting providers to offer their customers a means of better engaging visitors to their sites, creating more successful projects among hosting customers.

“If we do our job right,” says Sheridan, “this is so easy and such a good end user experience that, basically, the compelling content will drive enough end user engagement that I want to start seeing a lift on hosting renewals.”

For more details on Enom RichContent, follow this link.

Related posts:

1. Website Builder Tool
2. Getting Website traffic
3. FREE Web Hosting

“This web site at XXXXX.com has been reported as an attack site and has been blocked based on your security preferences.

Some attack sites intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.”

Now a day, such type of attacks on the web sites are common. There are few reasons in which Google marks the web site as harmful site. Some of them are as follow:

[1] If your web site pages are infected with malicious IFrame or JavaScript code. Generally, such Iframe and JavaScript codes link your web site to another maleware site.

[2] Your site is hosting phishing page.

There are many reasons for JavaScript and Iframe code injection in your web sites.

[1] If you have installed updated version of third party scripts, template, theme etc.

[2] The tird party scripts which you are using in your web site are not secure.

[3] Your FTP password is compromised.

[4] The system from which you are managing your web site is infected by Maleware, Trojan, Spyware, Virus etc.

[5] Insecure folder permissions set in your web site.

To remove “Reported Attack Site!” tag from your web site at the earliest, you can use Google Webmaster Tools to analyze your web site. Using this tools, you can easily find the infected pages of your web site and then you can resubmit the request to Google.

Hope this will help you!

Related posts:

1. IFrame Hacking – JavaScript Hacking
2. “This site may harm your computer” on every Google search result ??
3. Links are added automatically in the index page of the website – adsttnmq1/sdioyslkjs2 attack

—————————-
Dear Yahoo! UK & Ireland GeoCities customer,

We’re writing to let you know that Yahoo! UK & Ireland GeoCities, our free web site building service and community, is closing on October 26, 2009.

We have enjoyed hosting web sites created by Yahoo! users all over the world, and we’re proud of the community you’ve built. However, we have decided to focus on helping our customers explore and build relationships online in other ways.

On October 26, 2009, your GeoCities site will no longer appear on the Web, and you will no longer be able to access your GeoCities account and files.

What You Need to Do
If you’re no longer using your web site, you don’t need to do a thing, but if you’d like to move your web site, or save the images and other files you’ve posted online, you need to act now by downloading your files to your own computer.

To quickly download your published files and images, visit your GeoCities web site, right-click on each page, and choose Save Page As… from the menu that appears. Choose a location on your computer to save your files, then click OK or Save to save the HTML and images associated with your page. Learn more about downloading your files.

With your pages and images saved offline, you can re-create your site with any hosting provider you like, such as BT Web Hosting.

Please be aware that after October 26, your GeoCities files will be deleted from our servers, and will not be recoverable. If you’d like to save your files, you must download them now.

Another Way to Connect Online
As a Yahoo! customer, you can now use your Yahoo! profile as a central point to manage your identity, activities, and interests across Yahoo! and make it easy to connect and share with the people who matter to you most.

You can get started anytime by adding your picture and other personal details, then invite friends and family to connect — even start your own blog. You’ll be able to follow the online activities of your connections across Yahoo!.

Setting up your profile is easy, and it’s free! Visit your profile now.

Don’t Wait
We encourage you to save your files now. If you need assistance, please visit the help centre.

We want to thank you for being a GeoCities customer, and hope you continue to enjoy our other Yahoo! UK & Ireland services.

Best regards,

The Yahoo! UK & Ireland GeoCities team
————————

Fortunately, I do not have any important data on it but if you are using Yahoo GeoCities, you will need to download all your pages and images before they close this service.

Kailash

Related posts:

1. Yahoo! 360° is closing on July 13, 2009
2. Microsoft may buy Yahoo search business
3. WebHostingTalk Australia is acquired by iNET Interactive

The Yahoo! Profile Team
————————————

Yes, Yahoo is going to close Yahoo 360 service from July 13, 2009 onwards. If you have any information on Yahoo 360 then make sure to save or download your existing 360 information before this date to keep from losing it.

Kailash

Related posts:

1. Yahoo GeoCities is closing on October 26, 2009
2. Microsoft may buy Yahoo search business

Below are the list of alternatives available for HyperVM and LXAdmin/Koloxo:

Alternatives for HyperVM:
- VDSmanager

Alternatives for LXAdmin/Kloxo:
- cPanel
- Plesk

Your comments are invited. If you have any another alternative you can update in this post.

Kailash

Related posts:

1. Security vulnerabilities found in HyperVM and LXadmin/Kloxo
2. HyperVM comprehensive Virtualization software and VPS solution
3. Parallels Releases Plesk Billing 6.0 – Modernbill

Related posts:

1. How to upgrade to Wordpress 2.7
2. curl_exec() has been disabled for security reasons in Wordpress 2.7
3. WordPress 2.7 is coming to WordPress.com on Thursday, December 4, 2008

To upgrade hyperVM or Kloxo master, Run:

/script/upcp

If you do not upgrade your system then there is a chance that someone can compromise your server and take full control on your server.

Related posts:

1. Alternative for HyperVM and Kloxo/Lxadmin
2. HyperVM comprehensive Virtualization software and VPS solution
3. Which virtualization software is good?

[1] Login to your cPanel and click on “phpMyAdmin” icon.
[2] Click on your database name and the go to “Operations” tab.
[3] At the bottom of the page you will see the collation option. You can now select a collation from the drop down menu and click on the Go button.

Please note that the new collation will be set for new tables only. Old table will use the previous collation under which they were created. If you want to use new collation for already created tables, you will need to change collation for all tables.

Related posts:

1. create an email account in cpanel
2. MySQL
3. Prevent the user nobody from sending email from cPanel server

For example, if you want to create an archive for /home/user1 folder then use the following command:

tar -pczf user1.tar.gz /home/user1

For more options, you may refer the manual of this command. Use following command to get the details about all options:

man tar

Related posts:

1. create an email account in cpanel

[1] Login to your cPanel and click on “Email Accounts”.

[2] On next screen, enter the email account which you would like to create, enter the password twice and the quota. Now click on “Create” button.

That’s it. Now, the email account should be created in your cPanel.

Related posts:

1. How to change MySQL database collation from phpMyAdmin in cPanel
2. Prevent the user nobody from sending email from cPanel server
3. cPanel Backup

What do we know about the damage done?

This attack was very deliberate, sophisticated and calculated. The attacker was able to circumvent our security measures and access via an arcane backdoor protected by additional firewall. We are still investigating the situation, but we know the attacker infiltrated and deleted the backups first and then deleted three databases: user/post/thread. We have no record or evidence that private message data was accessed. Absolutely no credit card or PayPal data was exposed.

Do we know the motivation behind the attack?

We don’t know enough at this time, so any insight would be purely speculative in nature. WHT is a platform where positive and negative information is shared and exposed about business and individuals. Under TOS policy, we cannot edit or remove user-generated content at the request of an unsatisfied third party. Therefore, WHT tends to become the target for disgruntled individuals and businesses.

Have we been able to restore more recent back-ups?

The offsite backup, the onsite backup and the operational data were destroyed by the attacker, so we’ve resorted to a physical back-up of last resort. Unfortunately, we are experiencing difficulty restoring from our most recent physical backup. At this point, October is the most recent backup that we were able to restore. We continue to work to extract data from a more recent set of DVDs.

What is WHT focused on doing now?

The first priority, which kicked in immediately upon discovering the hack while in process, was locking down the infrastructure to avoid further damage and restoring the site. We also had to block the potential for a repeat attack. Now we are working on investigating how much prior data is restorable, reinstating premium memberships, contacting business partners, and communicating with the community members. We are also doing everything possible to identify the attacker and bring them to justice. Disappointments happen – we are working hard to restore trust among community members and to bring things back to normal.

Is WHT doing anything different due to this attack?

WHT has been targeted before and our infrastructure has withstood previous attacks. However, following this well-planned and targeted attack, we will be altering aspects of our architecture to ensure that this type of attack does not happen again. Needless to say, we have learned from this situation and will address any discrepancies accordingly.

We had three, protected data back-up units with one offsite behind a firewall and a fourth physical data back-up layer. We evaluated our disaster recovery plan as recent as late-2008, and carefully reviewed how to recover from a disaster situation. The attacker appeared to have deliberately targeted our data back-up systems, a scenario that our disaster recovery plan did not fully anticipate. We have implemented changes to our data backup and disaster recovery plans to address this weakness. And we advise others to consider a scenario of deliberate, malicious data destruction in their backup and recovery plans.

What should members do now?

The password encryption technology we use is strong for securing non-financial data. However, we suggest that members change their passwords frequently and do not use the same user name and password for the forum as they may use for more sensitive services like online banking. If a member feels more comfortable changing their password, then we recommend that they do what makes them feel more secure.

A concern is that members may receive more spam because the attacker posted stolen email addresses on file sharing sites. I haven’t personally seen an increase in the amount of spam I usually receive to my email address, but it is a risk that we cannot easily alleviate. As we become aware of specific file sharing sites with these email addresses, we are requesting that the emails be removed promptly. So far, most have been quick to comply.

What if I can’t use my WHT account?

We are temporarily using a version of the database from October 2008. This means that if you joined WHT after October 2008, you’ll need to register again to post now. We may still be able to recover your account, but we don’t know yet. Please register with the same username you used before.

If you joined WHT before October 2008 and get a password error, the system is probably asking for the password you were using in October 2008. If you don’t remember your previous password and have access to the email address for your WHT account in October 2008, please use the password recovery tool.

For help accessing your account, please open a helpdesk ticket.

If you’ve subscribed to a Premium or Corporate membership prior to October 2008, someone from iNET has contacted you by now. If you’ve subscribed (or re-subscribed) since October 2008 and haven’t heard from iNET, please contact us on the helpdesk.

Moving forward …

We take the protection of user-contributed data very seriously, and we strongly regret what happened. iNET has a sophisticated infrastructure with advanced security. Yet even institutions that spend millions of dollars a year on Internet security are exploited. Anyone recall NASA being hacked some years back?

It’s not what you’ve done, it’s what you do. And from this day forward, we continue.

We’ve been overwhelmed by all the offers of help and support we’ve received from our members. What can I say about that beyond my heartfelt thanks? I love this community!

WebHostingTalk is one of the largest online community and people get very useful information from them. We all have to co-operate with them in such situation.

Source: WHT

Related posts:

1. WebHostingTalk Australia is acquired by iNET Interactive
2. cPanel for Windows – cPanel Enkompass
3. create an email account in cpanel

No related posts.