Major Spam header problem... Major Spam header problem...
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Major Spam header problem...

Started by flyingsparks, November 20, 2008, 05:15:43 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

flyingsparks

I've been having some trouble getting the latest update to unzip for me, so that I can update, but today I've encountered a huge spam attack on my gallery.

If you go to my site link here: http://sonnykate.com/gallery/   you can see it...

However, if you type in the link this way: http://www.sonnykate.com/gallery/  then it's not there..

Can someone please point me in the right direction of what I need to do to fix this problem?

Help is really appreciated. Thanks in advance

flyingsparks

Also, I meant to say that.. now when I log in as an admin.. and go into the config page.. If I try to make an update and hit 'save new configuration' another page comes up with two boxes and then a button to press that says 'authenticate'

I believe that both of my issues are related.

flyingsparks

Well, i was just able to run the 1.4.19 update and it looks like that took care of my spam problem, but I'm still having the issue of "If I try to make an update and hit 'save new configuration' another page comes up with two boxes and then a button to press that says 'authenticate'"

Can anyone help me with that?

Joachim Müller

If you haven't been running the most recent stable release when your issues started, you probably haven't been spammed, but hacked. Just performing an upgrade after having been hacked won't make the problem go away. Read Yikes, I've been hacked! Now what?

flyingsparks

Quote from: Joachim Müller on November 20, 2008, 08:41:04 AM
If you haven't been running the most recent stable release when your issues started, you probably haven't been spammed, but hacked. Just performing an upgrade after having been hacked won't make the problem go away. Read Yikes, I've been hacked! Now what?

Thanks for the link. I've just read all through that, but I'm still concerned about the issue I'm having with my admin.php file... is there a way that I'd be able to fix that without first having to compare all of my files?

If I try to make an update and hit 'save new configuration' another page comes up with two boxes and then a button to press that says 'authenticate'.  Then the time I did try to put in my ID/Password and Authenticate it didn't work, so I can't even put my gallery offline while I try to fix the hacking issue.

Joachim Müller

What do you expect? Some miracle cure? Easy instructions like "press Y on your keyboard and everything will be fine"? No, there's no easier method than the one I described. Setting coppermine into offline mode can be accomplished using a tool like phpMyAdmin, browsing coppermine's config table, finding "offline" and setting it from 0 to 1. But setting your gallery to offline mode won't stop the payload of the hack, so what should that be good for. Instead of sitting there and waiting for a knight in full armor to resuce the damsel from the dragon you should roll up your sleeves and get your hands dirty.

flyingsparks

Quote from: Joachim Müller on November 20, 2008, 09:45:35 PM
What do you expect? Some miracle cure? Easy instructions like "press Y on your keyboard and everything will be fine"? No, there's no easier method than the one I described. Setting coppermine into offline mode can be accomplished using a tool like phpMyAdmin, browsing coppermine's config table, finding "offline" and setting it from 0 to 1. But setting your gallery to offline mode won't stop the payload of the hack, so what should that be good for. Instead of sitting there and waiting for a knight in full armor to resuce the damsel from the dragon you should roll up your sleeves and get your hands dirty.

Wow, I'm brand new on the board and don't consider myself an expert with Coppermine...  Didn't know about the phpmyadmin trick to turn the board offine.  Never expected my gallery to be hacked, and was looking for some help, but thanks for the attitude!