Hi,
ich würde gerne mein System von 1.1.13 auf 1.2.0 updaten. Allerdings hatte ich bei den vergangenen Updates immer erhebliche Probleme.
Geht ein so großer Updatesprung überhaupt?
Posts by gpeter73
-
-
-
Can I update from 1.1.5 to 1.1.13 in one Step?
-
Hi,
ich habe einige Kunden auf deren Webseiten noch mit file_get_contents() gearbeitet wird. Leider ist dies durch die Standardkonfiguration verboten.
Gibt es eine Möglichkeit diese dauerhaft und Updatesicher für einzelne Kunden zu erlauben? -
I tried but didn't found any usable. Just the same answer as yours: may false positives
What I saw is, that my Mail Server is under attack since yesterday. 1000's of login errors on sasl from IP's all over the world.
Just set fail2ban to maxtries = 1 and bantime > 3 Years (just for a moment) . Now I don't have any new bans, it seems the hacker runned out of Proxy IP's
-
Hi,
everynight I run maldet / f-secure antivirus on my complete server.
Today I got an report that maldet found several malware at some customers phptmp folders:Display MoreCode- FILE HIT LIST:
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpWnT6WN.virus => /usr/local/maldetect/quarantine/phpWnT6WN.virus.9407
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpADqTDp.virus => /usr/local/maldetect/quarantine/phpADqTDp.virus.6573
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpFtVhKW.virus => /usr/local/maldetect/quarantine/phpFtVhKW.virus.13864
- {CAV}PHP.Hide : /var/www/virtual/xxxxx.com/phptmp/phpqOMGqf.virus => /usr/local/maldetect/quarantine/phpqOMGqf.virus.11505
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpKe5Od8.virus => /usr/local/maldetect/quarantine/phpKe5Od8.virus.14923
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpti6qMm.virus => /usr/local/maldetect/quarantine/phpti6qMm.virus.7189
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/php4RXdcm.virus => /usr/local/maldetect/quarantine/php4RXdcm.virus.10784
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpZheZh1.virus => /usr/local/maldetect/quarantine/phpZheZh1.virus.9074
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpgqjhIN.virus => /usr/local/maldetect/quarantine/phpgqjhIN.virus.5326
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpEX7uHC.virus => /usr/local/maldetect/quarantine/phpEX7uHC.virus.28417
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpVeJUmr.virus => /usr/local/maldetect/quarantine/phpVeJUmr.virus.23759
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/php5fqv8r.virus => /usr/local/maldetect/quarantine/php5fqv8r.virus.17440
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpjCSsUm.virus => /usr/local/maldetect/quarantine/phpjCSsUm.virus.19274
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/php3XzUaV.virus => /usr/local/maldetect/quarantine/php3XzUaV.virus.2231
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpxwJZcq.virus => /usr/local/maldetect/quarantine/phpxwJZcq.virus.24669
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpvj0joT.virus => /usr/local/maldetect/quarantine/phpvj0joT.virus.13242
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpWMez7E.virus => /usr/local/maldetect/quarantine/phpWMez7E.virus.31003
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phprZSKEg.virus => /usr/local/maldetect/quarantine/phprZSKEg.virus.325
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpitJ2Jb.virus => /usr/local/maldetect/quarantine/phpitJ2Jb.virus.24629
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/php9Purbx.virus => /usr/local/maldetect/quarantine/php9Purbx.virus.24780
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/php2fxujn.virus => /usr/local/maldetect/quarantine/php2fxujn.virus.29580
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/php9d1UxG.virus => /usr/local/maldetect/quarantine/php9d1UxG.virus.9537
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpcaR70l.virus => /usr/local/maldetect/quarantine/phpcaR70l.virus.28694
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpRi6Jgn.virus => /usr/local/maldetect/quarantine/phpRi6Jgn.virus.23697
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpNKLBjm.virus => /usr/local/maldetect/quarantine/phpNKLBjm.virus.23109
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpm5ZCoB.virus => /usr/local/maldetect/quarantine/phpm5ZCoB.virus.672
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpKZXSdW.virus => /usr/local/maldetect/quarantine/phpKZXSdW.virus.24637
- {CAV}PHP.Hide : /var/www/virtual/xxxxx/phptmp/php8um8Pb.virus => /usr/local/maldetect/quarantine/php8um8Pb.virus.22861
- {CAV}PHP.Hide : /var/www/virtual/xxxxx/phptmp/php8P6z6M.virus => /usr/local/maldetect/quarantine/php8P6z6M.virus.29861
- {HEX}php.cmdshell.FilesMan.235 : /var/www/virtual/xxxxx/phptmp/phpoziXHp.virus => /usr/local/maldetect/quarantine/phpoziXHp.virus.6507
- {CAV}PHP.Hide : /var/www/virtual/xxxxx/phptmp/phplrDjJr.virus => /usr/local/maldetect/quarantine/phplrDjJr.virus.19199
- {CAV}PHP.Hide : /var/www/virtual/xxxxx/phptmp/php78WEyK.virus => /usr/local/maldetect/quarantine/php78WEyK.virus.22844
- {CAV}PHP.Hide : /var/www/virtual/xxxxx/phptmp/phpg1FCAK.virus => /usr/local/maldetect/quarantine/phpg1FCAK.virus.5865
- {CAV}PHP.Hide : /var/www/virtual/xxxxx/phptmp/phpe7i2V5.virus => /usr/local/maldetect/quarantine/phpe7i2V5.virus.8315
- {CAV}PHP.Hide : /var/www/virtual/xxxxx/phptmp/phpdVVY3S.virus => /usr/local/maldetect/quarantine/phpdVVY3S.virus.5559
- {CAV}PHP.Hide : /var/www/virtual/xxxxx/phptmp/phpnhDO0b.virus => /usr/local/maldetect/quarantine/phpnhDO0b.virus.17013
- {CAV}PHP.Hide : /var/www/virtual/xxxxx/phptmp/phpUi5jKJ.virus => /usr/local/maldetect/quarantine/phpUi5jKJ.virus.15401
- {CAV}PHP.Hide : /var/www/virtual/xxxxx/phptmp/phpHHgNBX.virus => /usr/local/maldetect/quarantine/phpHHgNBX.virus.14641
- {HEX}php.cmdshell.FilesMan.235 : /var/www/virtual/xxxxx/phptmp/phpQ37DFQ.virus => /usr/local/maldetect/quarantine/phpQ37DFQ.virus.29618
- {CAV}PHP.Hide : /var/www/virtual/xxxxx/phptmp/phpAKvYoO.virus => /usr/local/maldetect/quarantine/phpAKvYoO.virus.26773
- {HEX}php.cmdshell.FilesMan.235 : /var/www/virtual/xxxxx/phptmp/phpHzH9FH.virus => /usr/local/maldetect/quarantine/phpHzH9FH.virus.19890
- {CAV}PHP.Hide : /var/www/virtual/xxxxx/phptmp/php04E0VT.virus => /usr/local/maldetect/quarantine/php04E0VT.virus.12155
- {CAV}PHP.Hide : /var/www/virtual/xxxxx/phptmp/phpQrtiI6.virus => /usr/local/maldetect/quarantine/phpQrtiI6.virus.251
- {CAV}PHP.Hide : /var/www/virtual/xxxxx/phptmp/phpNWRESo.virus => /usr/local/maldetect/quarantine/phpNWRESo.virus.6017
- {CAV}PHP.Hide : /var/www/virtual/xxxxx.eu/phptmp/phpIGUGAQ.virus => /usr/local/maldetect/quarantine/phpIGUGAQ.virus.29028
- {CAV}PHP.Hide : /var/www/virtual/xxxxx.eu/phptmp/phpfUGb2M.virus => /usr/local/maldetect/quarantine/phpfUGb2M.virus.17149
- {CAV}PHP.Hide : /var/www/virtual/xxxxx.eu/phptmp/phpNbiTXL.virus => /usr/local/maldetect/quarantine/phpNbiTXL.virus.8995
- {CAV}PHP.Hide : /var/www/virtual/xxxxx.eu/phptmp/phpfTM9fn.virus => /usr/local/maldetect/quarantine/phpfTM9fn.virus.29282
- {CAV}PHP.Hide : /var/www/virtual/xxxxx.eu/phptmp/phpsR4ZxD.virus => /usr/local/maldetect/quarantine/phpsR4ZxD.virus.22772
- {CAV}PHP.Hide : /var/www/virtual/xxxxx.eu/phptmp/phpkyMKHl.virus => /usr/local/maldetect/quarantine/phpkyMKHl.virus.20359
- {HEX}php.cmdshell.FilesMan.235 : /var/www/virtual/xxxxx.eu/phptmp/php3d9cGt.virus => /usr/local/maldetect/quarantine/php3d9cGt.virus.1230
- {HEX}php.cmdshell.FilesMan.235 : /var/www/virtual/xxxxx.eu/phptmp/phpCkVMP4.virus => /usr/local/maldetect/quarantine/phpCkVMP4.virus.19611
- {CAV}PHP.Hide : /var/www/virtual/xxxxx.eu/phptmp/phpLwNSpN.virus => /usr/local/maldetect/quarantine/phpLwNSpN.virus.32761
- {HEX}php.cmdshell.FilesMan.235 : /var/www/virtual/xxxxx.eu/phptmp/phpWJqB1y.virus => /usr/local/maldetect/quarantine/phpWJqB1y.virus.20929
- {CAV}PHP.Hide : /var/www/virtual/xxxxx.eu/phptmp/phpbxhTZ9.virus => /usr/local/maldetect/quarantine/phpbxhTZ9.virus.12672
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpc1Y9DN.virus => /usr/local/maldetect/quarantine/phpc1Y9DN.virus.8279
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpHw4AiV.virus => /usr/local/maldetect/quarantine/phpHw4AiV.virus.2971
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpLrosd5.virus => /usr/local/maldetect/quarantine/phpLrosd5.virus.13510
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpg9Fptc.virus => /usr/local/maldetect/quarantine/phpg9Fptc.virus.24817
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpPXJUcl.virus => /usr/local/maldetect/quarantine/phpPXJUcl.virus.4005
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phppNNBso.virus => /usr/local/maldetect/quarantine/phppNNBso.virus.19947
- {HEX}gzbase64.inject.unclassed.15 : /var/www/virtual/xxxxx.com/phptmp/phpVAb7uQ.virus => /usr/local/maldetect/quarantine/phpVAb7uQ.virus.22729
How they come in on several domain at the same time. I manage the most of these Pages and keep them up2date and check also all extension via http://vel.joomla.org/.
The Foldersecurity is done as strong it is possible.How they can come in? How find the security problem?!
Cheers Peter
-
Hi Laurent,
Thanx a lot. But never changed something directly on the root (/). I used some scripts of i-MSCP to set permissions (i think they recreate permissions from the DB).
I restored the DB's and run imscp-autoinstall.
I got the same why I started this thread, three users are unknown. They exist in the DB (domains table) if I use :
they are didn't shown.Can I add them manualy?
-
Display More
Das ist die beste Methode an einem produktives System einen Fehler zu beheben...LOL
Weisst Du eigentlich was "purge" macht?laurent
Please solve the problem! Thats the best admin solution i'd ever seen! Purging...
Sicher, es löscht alle Konfigs und abhängigen Pakete.
Das war mein letzte ausweg, hatte vorher ein reines neuinstallieren versucht aber auch ohne erfolg. dann habe ich versucht die db's unter /var/lib/mysqld zu verschieben (hätte ja sein können das eine quer liegt).
Habe aber generell eine Backup gefahren, vom gesamten System. -
We will do something:
You give me an access to your server. If I can solve the problems, you get banned OK ?
OK -
So wie es aussieht ist der server platt. habe versucht mysql neu zu installieren
Dann per aptitude
Werde dann nach dem neuen mysql psw gefragt und zu guter letzt sagt dat system das es das neue psw nicht setzen kann.