Posts by ssibal

    You are right as always.
    I turned debug mode on, the following came up:

    An unexpected error occured
    An exception has been thrown in file /var/www/imscp/gui/library/shared-functions.php at line 2537:

    SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate entry '' for key 'admin_name'

    Query was:

    INSERT INTO admin ( admin_name, admin_pass, admin_type, domain_created, created_by, fname, lname, firm, zip, city, state, country, email, phone, fax, street1, street2, customer_id, gender, admin_status ) VALUES ( ?, ?, 'user', unix_timestamp(), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? )

    This means I have this as admin name from the previous version, but I cannot see the customer in the list, and I want to use this domain.
    Should I simply remove it from the database by myself?

    Hi all!

    I just install the 1.2.2 stable release.
    The installitation went smoothy.
    I log in, and trying to add a new user, when I finally click on add user, it redericts me to an error page:

    "An unexpected error occured
    An unexpected error occurred. Please contact your administrator."

    When I tried t uninstall the program it says:

    Exit code: 255
    root@livesigntechforms001:/var/www/imscp/engine/setup# perl imscp-uninstall
    Global symbol "$rs" requires explicit package name at imscp-uninstall line 320.
    Global symbol "$rs" requires explicit package name at imscp-uninstall line 322.
    Global symbol "$rs" requires explicit package name at imscp-uninstall line 323.
    Global symbol "$rs" requires explicit package name at imscp-uninstall line 323.
    Execution of imscp-uninstall aborted due to compilation errors.

    What can be the problem? Maybe it's important, before this I had the eagle version displayed in my profile, but the uninstall went their without any problem.

    Am impressed by the helpfulness of the people here!! I just were reading the same topics, and I also prefer the drush version!
    Thank you in advance again for your effor guys!!: ))


    Yes-yes, thank you very much! Am diving into the topic deeply! And you are right am a beginner, I will need to expand my knowledge in this topic! (gonna read book, forums, and so on!)


    Thank you to make it clear to me! I really appreciate your thoughts you shared!
    Of course it's being off topic now, but can you give me some hints how to find security issues within the drupal application in general?

    That's the way it's supposed to be, please check my other message

    I found the auth.log file, and it's scary, a thousands of this try happening since a long time:

    I cant find the ftp log tho, isnt it in var/log?

    @ssibal, can't say that that will solve the issue, because we don't know what causes the problem.
    But since 1.x there have been a lot of issues solved, so maybe it does, yes.

    Read the errdata and readme files, your settings and users will be kept.

    **edit, could you check what unix groups that vu user is in?**

    it's in the same group as the user name: vu2003 : vu2003

    I think the VUXXX user is the problem since listing the modificated documentums the user who made the changes was the VUXXX user, somehow they used it, if I run Drupal without i-mscp they couldnt use the VUXXX user, so somehow it must be related.
    By disabling I mean, you can disable user with Ubuntu:

    sudo passwd -l [user_name]

    I dont know the type of the attack, also I dont know how should I provide logs.
    All what happened is, they were able to add files (new index.html / jpeg, adminer.php) to the root, and remove the old index.php. All actins were done by VUXXX user.

    So upgrading to the newest version would definately would fill the security gap?
    Is it possible to upgrade from this Eagle version to the new without loosing the existins settings I have?
    Thank you for the quick replies, btw!


    Thats rigth: only within then /var/www/virtual/****/htdocs were the changes made, but it's still really bad.
    How could it have happened?
    For now I disabled the VU200X user, hope that prevents further actions made by the same methods (of course the info leashed I must defense in other way)!