protection
French 
CrawlTrack, webmaster dashboard.
Web analytic, SEO and protection

CrawlProtect, your website safety.
Reinforced protection

Two php/MySQL scripts, free and easy to install
The tools you need to manage and keep control of your site.





diable

CrawlTrack and CrawlProtect support forum

You are not logged in.


#1 23-02-2010 00:42:29

butchas
Nouveau membre
Registered: 23-02-2010
Posts: 9

Crawlprotect hacking attempts blocked

I just installed crawlprotect on my site that has a SMF forum. After installation I entered "hxtp://www.votresite.com/crawlprotect", selected my language, put in my user name and password.  It reset. I put in the username and password again and the result was a 500 error.

I did set:
#Avoid any blocage for yourself (for admin access) uncomment the following line and replace xx.xx.xx.xx by your IP
RewriteCond %{REMOTE_ADDR} !^xx.xx.xx.xx

So that I can edit my site but I still get the error.

How can I see the hacking attempts that have been blocked as noted in the crawlprotect documentation?

I have tried several times.

Last edited by butchas (23-02-2010 00:43:17)

Offline

 

#2 23-02-2010 07:07:10

Jidébé
Administrateur
Registered: 30-10-2005
Posts: 2946

Re: Crawlprotect hacking attempts blocked

Hello,

To be sure to understand, when you want to go to your CrawlProtect you see the login page and when you have enter your login and password you get an error 500?

Jean-Denis


CrawlTrack & CrawlProtect developer

Offline

 

#3 23-02-2010 15:16:46

butchas
Nouveau membre
Registered: 23-02-2010
Posts: 9

Re: Crawlprotect hacking attempts blocked

The first time I use it the script allows me to set the language, user and password.  It says the operation was complete then it asks me for the user and password to enter the logging.  I type the user and password.  It then gives me a 500 error. 

Then I try to log in again and I do not see the log in screen.  Instead I get a 500 error every time I try to access the script from the admin panel. "hxtp://www.votresite.com/crawlprotect",

The only edit I made so far was to the .htaccess:
#RewriteCond %{QUERY_STRING} ^(.*)(wget|shell_exec|passthru|system|exec|popen|proc_open)(.*)
#case SMF to avoid being blocked when you split a topic
RewriteCond %{QUERY_STRING} ^(.*)(wget|shell_exec|passthru|system|popen|proc_open)(.*)$

Last edited by butchas (23-02-2010 15:18:35)

Offline

 

#4 23-02-2010 22:35:24

Jidébé
Administrateur
Registered: 30-10-2005
Posts: 2946

Re: Crawlprotect hacking attempts blocked

Hi,

Regarding the type of error, I presume that the htaccess code is in the CrawlProtect folder?
This should not be the case, it should be at the root of your site.
But this didn't explain the error 500 and if you move the htaccess file now at the root of your site, you will get the error 500 on all your site.
So before to do anything we need to correct that error.

1) get the original htaccess file supply with CrawlProtect and upload it in your CrawlProtect folder
If your didn't get the error 500, it's because the error was coming from the modification done.

==> To modifiy an htaccess file use a text editor (Notepad for example) never use Word or something similar.

Jean-Denis


CrawlTrack & CrawlProtect developer

Offline

 

#5 24-02-2010 05:29:31

butchas
Nouveau membre
Registered: 23-02-2010
Posts: 9

Re: Crawlprotect hacking attempts blocked

When I run the test the script works.

The original .htaccess files in not in the crawlprotect folder.

The only .htacces file in crawl protect is in the noaccess folder.

The error happened before I made the change to the .htaccess file.

The directory structure is:

Root:
.htaccess
crawlprotect/index.php   /* I only have one crawlprotect folder */


Could it be my user name?  I put a "." in it?

My password is <16 characters long and consists of upper and lower case letters and numbers.

Offline

 

#6 24-02-2010 07:14:31

Jidébé
Administrateur
Registered: 30-10-2005
Posts: 2946

Re: Crawlprotect hacking attempts blocked

Hello,

To see if it's due to the login, delete the config.php file.
Then it should restart installation process and so try an other login without ";".

Jean-Denis


CrawlTrack & CrawlProtect developer

Offline

 

#7 25-02-2010 09:10:19

butchas
Nouveau membre
Registered: 23-02-2010
Posts: 9

Re: Crawlprotect hacking attempts blocked

It was a "." and I tried & No that did not change a thing...  Still getting 500 errors?

Offline

 

#8 25-02-2010 23:19:59

Jidébé
Administrateur
Registered: 30-10-2005
Posts: 2946

Re: Crawlprotect hacking attempts blocked

Hi,

I don't understand why you get access at the beginning and not any more.
Try to delete all the crawlprotect folder and re upload to see if that help.

Jean-Denis


CrawlTrack & CrawlProtect developer

Offline

 

#9 26-02-2010 21:45:56

butchas
Nouveau membre
Registered: 23-02-2010
Posts: 9

Re: Crawlprotect hacking attempts blocked

Hi,
Tried it and now I can not access the folder from the internet.

Offline

 

#10 27-02-2010 15:18:26

butchas
Nouveau membre
Registered: 23-02-2010
Posts: 9

Re: Crawlprotect hacking attempts blocked

Is there a way I can delete a file or edit code to prevent any one else from accessing the admin panel now that I can not access it?

Offline

 

#11 27-02-2010 15:26:39

Jidébé
Administrateur
Registered: 30-10-2005
Posts: 2946

Re: Crawlprotect hacking attempts blocked

Hi,

Delete the folder with your FTP software.

Jean-Denis


CrawlTrack & CrawlProtect developer

Offline

 

#12 27-02-2010 17:21:54

butchas
Nouveau membre
Registered: 23-02-2010
Posts: 9

Re: Crawlprotect hacking attempts blocked

That deletes the whole mess.

I think I found the problem.

The zip file I downloaded is missing files:
injection.php - Is not in the current zip file but was in it last week
badbot.php - Is not in the zip file
shell.php - - Is not in the zip file

Please check your download for content?

Offline

 

#13 27-02-2010 19:22:14

Jidébé
Administrateur
Registered: 30-10-2005
Posts: 2946

Re: Crawlprotect hacking attempts blocked

Hi,

These files don't exist anymore in version 1.4.0;  they are created by the script when needed.

Jean-Denis


CrawlTrack & CrawlProtect developer

Offline

 

#14 27-02-2010 20:48:58

butchas
Nouveau membre
Registered: 23-02-2010
Posts: 9

Re: Crawlprotect hacking attempts blocked

I noticed that I have an injection.php file that says:
$injection="5";

After test deleting the code from htaccess I found the following errors:
[27-Feb-2010 14:28:02] PHP Warning:  [eAccelerator] Can not create shared memory area in Unknown on line 0
[27-Feb-2010 14:28:02] PHP Fatal error:  Unable to start eAccelerator module in Unknown on line 0
[27-Feb-2010 14:29:07] PHP Warning:  [eAccelerator] Can not create shared memory area in Unknown on line 0
[27-Feb-2010 14:29:07] PHP Fatal error:  Unable to start eAccelerator module in Unknown on line 0
[27-Feb-2010 14:29:10] PHP Warning:  [eAccelerator] Can not create shared memory area in Unknown on line 0
[27-Feb-2010 14:29:10] PHP Fatal error:  Unable to start eAccelerator module in Unknown on line 0

Offline

 

#15 27-02-2010 21:05:54

Jidébé
Administrateur
Registered: 30-10-2005
Posts: 2946

Re: Crawlprotect hacking attempts blocked

Hi,

These error messages are link with eAccelerator not with CrawlProtect.

Jean-Denis


CrawlTrack & CrawlProtect developer

Offline

 

#16 27-02-2010 21:39:47

butchas
Nouveau membre
Registered: 23-02-2010
Posts: 9

Re: Crawlprotect hacking attempts blocked

Hi,
Bingo.  I contacted my host and now it is working.

Thank you.

Offline

 

Board footer

Powered by PunBB
© Copyright 2002–2008 PunBB