Hey all.
I need some help here. :confused4
So, I've got paid hosting and all, it's only the 3rd or 4th day since I've got this plan from this guy.
First day I got the package, I realised that phpinfo() (PHP function) was disabled. I got this guy on MSN (Live Messenger) and he said this:
Next day, I came on-line and realised that my site had been down for ~5% of the time. I threw him an email, and one of his "staff" replied:
However, today, I realised that there was a total of 3h downtime. I got the guy on MSN again, and he said it was because fopen() is disabled, and the tracking monitors (Site Uptime and Host-Tracker) used this fopen() function to track the site's uptime.
His reason therefore, was that the site was up all along, and it's the trackers that were playing tricks on me. Here's our MSN conversation (just only) for those who are interested. Note: Our names, and some data which I deem unfit to be publicised have been removed to protect the privacy of both parties.
Is this guy lying to me? Can phpinfo() and fopen() really cause remote shell attacks? Do site trackers use fopen() to track a site's uptime?
More info:
For Host-Tracker, I chose "method:head";
For Site Uptime, I chose "service:http";
TIA for anyone who renders help for this poor soul
I need some help here. :confused4
So, I've got paid hosting and all, it's only the 3rd or 4th day since I've got this plan from this guy.
First day I got the package, I realised that phpinfo() (PHP function) was disabled. I got this guy on MSN (Live Messenger) and he said this:
I wasn't too sure about shells and stuff, so I just let the thing rest.because of security reasons it disabled. bcoz ppl see the php info and create a shell accordingly and shell the server
Next day, I came on-line and realised that my site had been down for ~5% of the time. I threw him an email, and one of his "staff" replied:
I didn't know much about cPanel and Linux stuff, so again, I let it rest.Hello ###,
We really apologies for that... I want to tell you that there is some problem in the backup feature of this server on which you are hosted!
We have submitted a ticket to the cpaenl support to look at this problem.
The problem is, when the backup feature starts its work then the server load is so high that it cause failure of apache for some time...
I hope you understand that how much improtant is to run the backup of all account on the server!
We are looking into this problem and let you know when this problem is resolved.
Regards,
Barty
However, today, I realised that there was a total of 3h downtime. I got the guy on MSN again, and he said it was because fopen() is disabled, and the tracking monitors (Site Uptime and Host-Tracker) used this fopen() function to track the site's uptime.
His reason therefore, was that the site was up all along, and it's the trackers that were playing tricks on me. Here's our MSN conversation (just only) for those who are interested. Note: Our names, and some data which I deem unfit to be publicised have been removed to protect the privacy of both parties.
He's not back yet. And I really did create that file, and it worked fine. I've even installed WordPress, and everything worked fine, including the theme-editor, which makes use of fopen(). For those who are interested, please PM me for the file URL (Wait. Can I receive PMs?). Anyway,ME says:
Hey
HIM-------- says:
hi
ME says:
some one from your company said "Yes we have already looked into this... On the server on which your account was hosted ! there were a reseller account in which Rapid leech was installed! We have now terminated that account and now the server is doing good!"
ME says:
but i still got 3 h of downtime
ME says:
http://host-tracker.com/site-availability-stats/####
ME says:
http://www.siteuptime.com/statistics.php?Id=#####&&UserId=#####
HIM-------- says:
when
ME says:
and all these are AFTER that email.
HIM-------- says:
?
HIM-------- says:
no the sever was not down
ME says:
yes it was
ME says:
02:00 PM - 02:47 AM Failed
03:16 AM - 03:16 AM Ok
03:47 AM - 04:16 AM Failed
04:46 AM - 03:15 PM Ok
HIM-------- says:
i got many complaints of that
HIM-------- says:
are u famalier of php
ME says:
QUITE
ME says:
why?
HIM-------- says:
there is something like fopen() which the tracking system use to check the website uptime
HIM-------- says:
we have removed the fopen() from our system
ME says:
why
HIM-------- says:
because of secirity reasons
ME says:
i may need fopen() sometimes
ME says:
Wordpress uses it
HIM-------- says:
we are getting remote shell attacks
HIM-------- says:
through fopen()
HIM-------- says:
thats
ME says:
yeah but.
HIM-------- says:
y
HIM-------- says:
we have also removed our status script too
ME says:
why don't i see other hosts disabling fopen and phpinfo and what not
HIM-------- says:
i really dont know
ME says:
many scripts use fopen
HIM-------- says:
have u ever fell urself that ur server is down
HIM-------- says:
?
ME says:
fopen is NOT disabled
ME says:
look at this: http://www.#######.com/test.php
ME says:
the source is
<?PHP
$handle = fopen("forums/install/lock", "r");
?>
ME says:
no error. means it works fine.
HIM-------- sent 7/9/2008 4:45 PM:
let me check
Is this guy lying to me? Can phpinfo() and fopen() really cause remote shell attacks? Do site trackers use fopen() to track a site's uptime?
More info:
For Host-Tracker, I chose "method:head";
For Site Uptime, I chose "service:http";
TIA for anyone who renders help for this poor soul