If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
Tech Question  XML
Forum Index » Advanced Guestbook Forum
Author Message
spike71
Beginner

Joined: 19/12/2007 13:52:02
Messages: 7
Offline

My site was hacked and i thought i had fixed it. But when you look at the link:
http://www.rhodes-family.com/guestbook/

you will see nothing posted, but when i log in i see all the entries. How do i go about fixing it so everyone can see the entries? I know i am a bit vague here, but i have NO CLUE what is going on with this.

thanks for the help!

Spike
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Did they delete all the entries?

If not check that the config.inc.php file is pointing to the correct database tables.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
spike71
Beginner

Joined: 19/12/2007 13:52:02
Messages: 7
Offline

Hello Carbonize, thanks for the reply
When i log into the guestbook with the admin account, i see all the entries. The config.inc.php is pointing to the right database. It is just not displaying them for all the visotors to see. It is like the entries are behind a curtain. I am thinking there has to be an issue with the index.php file?
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Replace all the files except public and admin folders.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
spike71
Beginner

Joined: 19/12/2007 13:52:02
Messages: 7
Offline

that did it! thanks Carbonize, for all your help!
spike71
Beginner

Joined: 19/12/2007 13:52:02
Messages: 7
Offline

hacked again.....
http://www.rhodes-family.com/guestbook

is there some patches that need to be applied? i have version 2.4.2

Just wondering, this bastard has hit me 4 times now in a week.. Merry Christmas to me.
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

I'd guess they are not getting in through guestbook. When you replace the files make sure they are not set to 777 (CHMOD / permissions).

And next time it happens check your server logs to see if you can see how they got in.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
spike71
Beginner

Joined: 19/12/2007 13:52:02
Messages: 7
Offline

Thanks Carbonize,

what should the CHMOD settings be?
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Try 644 or if the guestbook doesn't work try 755. Only things need to be 777 are public and tmp folders.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
spike71
Beginner

Joined: 19/12/2007 13:52:02
Messages: 7
Offline

thanks for the reply. this is for the entire "Guestbook" folder on the server right? Sorry to ask the question, the guestbook was installed by "fantasico' Or something like that. It was on the cpanel on the server, i thought that it would perform all the settings..

Again thanks Carbonize!

Mike
spike71
Beginner

Joined: 19/12/2007 13:52:02
Messages: 7
Offline

okay i chmodded the guestbook directory and that shut me our, so i reread your post and then understood what you meant

i went through and changed all the folder that were 755 to 644 except the public and temp folders and i got a bunch of php errors...
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline

Ok make everything 755. Except the public and tmp folders as they need to be 777 for image uploading.

Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
 
Forum Index » Advanced Guestbook Forum
Go to:   
Based on the open source JForum