| Author |
Message |
DaveW
New Member
Joined: Aug 27, 2004
Posts: 4
|
 Posted:
Fri Aug 27, 2004 9:36 pm |
|
LunarPages webhosting has banned me from using PHP-Nuke.
I was using 7.4 with patches, along with Admin Secure, Protector, and Fortress, and they claimed I caused a DOS attack on their other servers. They have shown no proof of this and have denied acces to my site, files, folders, for over 36 hours now.
Has anyone else had this problem with their webhost(s)? |
| |
|
|
|
GeekyGuy
Client
Joined: Jun 03, 2004
Posts: 302
Location: Huber Heights Ohio
|
| Posted:
Fri Aug 27, 2004 10:11 pm |
|
I was not at all happy with LunarPages, but not over anything like you're talking about. I moved my site to Raven's Webhosting, and have been very happy since.
Although I am still not happy that LunarPages didn't refund any of my money |
_________________
"The Daytona 500 is ours! We won it, we won it, we won it!", Dale Earnhardt, February 15th, 1998, Daytona 500 |
|
  
  |
|
DaveW
|
| Posted:
Mon Aug 30, 2004 10:28 am |
|
OK. finally got my files and log from LP.
These are the scripts in question getty, apache, sh, and dig.
They beat and got around Admin Secure, Protector, and Fortress.
I also checked my logs and index.php was defaced, but that was the only file to be disturbed, based on date/time stamp. It was apparently done by using unic.htm and hack.htm and a Coppermine theme named coppercop.
Coppermine was latest version and patched.
Maybe Admin Secure, Protector, and Fortress couldn't have stopped it afterall? Ideas? Something I did or didn't do? |
| |
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Mon Aug 30, 2004 11:31 am |
|
|
|
|
|
GeekyGuy
|
| Posted:
Mon Aug 30, 2004 11:32 am |
|
*edit* Raven beat me to the punch 
DaveW,
Coppermine has had a lot of exploits used against it, see this article Only registered users can see links on this board! Get registered or login!. Raven recommends NOT using Coppermine until it is fixed
From what I understand, none of those protection scripts could have stopped an attack using the un-secured code in Coppermine. |
| |
|
|
|
|
DaveW
|
| Posted:
Mon Aug 30, 2004 3:04 pm |
|
Missed it and paid the price. Thanks for the info.. Now that Coppermine is gone from my site and eGallery is a no no too, What are the other options when it comes to secure galleries? Suggestions  |
| |
|
|
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2496
|
| Posted:
Mon Aug 30, 2004 9:00 pm |
|
I don't want to give them (CPG team) a bad rap here if they have actually fixed this and people who are updating are not completely following the install instructions regarding which files need to be removed.
But I do think it would have be nice if they would put a big advisory in the install text saying remove these or your site is at a high risk to exploitation or something. Clearly we all need some clarification on this.
Even a visit to http://nukephotogallery.com doesn't seem to be very enlightening. We can't be the only place hearing about these attacks can we? |
_________________
[b][size=5]openSUSE 11.4-x86 | Linux 2.6.37.1-1.2desktop i686 | KDE: 4.6.41>=4.7 | XFCE 4.8 | AMD Athlon(tm) XP 3000+ | MSI K7N2 Delta-L | 3GB Black Diamond DDR
| GeForce 6200@433Mhz 512MB | Xorg 1.9.3 | NVIDIA 270.30[/size:2b8 |
|
|
|
|
DaveW
|
| Posted:
Sun Sep 05, 2004 7:19 pm |
|
| sixonetonoffun wrote: | I don't want to give them (CPG team) a bad rap here if they have actually fixed this and people who are updating are not completely following the install instructions regarding which files need to be removed.
But I do think it would have be nice if they would put a big advisory in the install text saying remove these or your site is at a high risk to exploitation or something. Clearly we all need some clarification on this.
Even a visit to http://nukephotogallery.com doesn't seem to be very enlightening. We can't be the only place hearing about these attacks can we? |
Doesn't really matter at this point - LunarPages blames PHP-Nuke along with Admin Secure, Protector, and Fortress of being "script kiddy" software and Coppermine for being the major problem, in regards to their servers being involved in DOS attacks (I think they meant DDOS - duh!) because I used them all on my site.
LunarPages webhosting is the one blaming Coppermine for the DOS attack and suspended my account over. I suspect they purely don't like users of IPB and PHP-Nuke, but can't prove it. They cancel accounts, because they can, I guess 
Anyway, I have switched hosts and don't use PHP-Nuke or Coppermine.
I have switched to Xoops. |
| |
|
|
|
|
Panthera
Hangin' Around
Joined: May 16, 2004
Posts: 28
Location: Northern California, USA
|
| Posted:
Sat Sep 18, 2004 11:35 pm |
|
| sixonetonoffun wrote: | | Even a visit to http://nukephotogallery.com doesn't seem to be very enlightening. We can't be the only place hearing about these attacks can we? |
I, too, had my LunarPages account suspended twice due to hacks. LP is not known for good support. But, since I am keeping my Sentinal and PHPNuke current, I'm not having trouble with LP any more.
However, the http://nukephotogallery.com site is gone. And, Coppermine as a module is NO LONGER being supported. They are focusing strictly on the stand alone version. They blame it on the "buggy phpnuke" platform.
So, here we are, up the stream without a paddle,
Panthera |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
