Hacked or hijacked? Hacked or hijacked?
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Hacked or hijacked?

Started by chuck6478, February 17, 2010, 04:00:55 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

chuck6478


Example: http://www.threedogsportinggoods.com/gallery/displayimage.php?album=8&pos=1

The caption below the filmstrip now contains an ad for some sort of Rolex knockoff watches.  :-\   Trust me, I didn't put it there and I have no idea how to get rid of it.

Every file in my gallery (php and images) is now dated 1/17/2010. I've not uploaded any photos since 2009.

How can I remove the trash?  ???

How can I prevent this happening again?

Thanks

Jeff Bailey

Thinking is the hardest work there is, which is probably the reason why so few engage in it. - Henry Ford

phill104

Please render the Powered by Coppermine footer visible if you want further support.
It is a mistake to think you can solve any major problems just with potatoes.

chuck6478

The footer used to be there. That's just one more thing I guess. Is there a setting to turn it on/off?

Thanks

AntonLargiader

You were advised last fall to update away from 1.4.24. Now CPG is at 1.4.26.
My album:  www dot largiader dot com slash album

AntonLargiader

Quote from: chuck6478 on February 17, 2010, 01:24:37 PM
The footer used to be there. ..

It's there, but your stylesheet specifically/deliberately makes it the same color as the background.
My album:  www dot largiader dot com slash album

phill104

Yep, I doubt a hacker would deliberately go to the extent of changing a bit of css to match your background and specifically with your footer. What would be their motiv? Please restore the footer.
It is a mistake to think you can solve any major problems just with potatoes.

phill104

Looking further into your problem it appears you used your hosts installer. They might have modified the footer, they might be injecting the adverts. If you are still using your hosts install package and just replaced the missing filed from the download you got here then that could very well be the problem.

Upgrade to the latest version using a copy from this site. Then install a test copy from your host. If you see adverts on the copy your host provides then you will know exactly where they came from. If you do not see the adverts on the test install then read the yikes thread suggested above.
It is a mistake to think you can solve any major problems just with potatoes.

AntonLargiader

SiteGround has nine free templates on their site; that one is the only one where the CPG credit is so hard to see. Of course they made their own credit very easy to see, but in the other eight you can easily read the CGP credit although it has different styling than SiteGround's credit.

I suppose under their terms of use, you could change the the CSS classes around and make theirs hard to read instead...

Anyway, if SG is doing the hosting and is providing the installation...  they should get involved. They're running out-of-date software and you got hacked. The need to stay up to date is all over these boards and was pointed out specifically in your previous thread.

It's pretty typical for installers like Fantastico to have old software, too.
My album:  www dot largiader dot com slash album

chuck6478

Too all who have replied, thank you.

1) It was never my intention to not give Coppermine credit. I understand how open source software works and why.
2) I must have missed any notification of a new version because I usually do update to the latest release as soon as it is stable.

Thanks Anton for investigating the missing footer. I never noticed.

I'll take care of it this evening.

Thank you.

François Keller

just my though. It seems that the advertise are in comments who where posted on each pictures (see the lateste comment meta album...).
Avez vous lu la DOC ? la FAQ ? et cherché sur le forum avant de poster ?
Did you read the DOC ? the FAQ ? and search the board before posting ?
Mon Blog

phill104

Quote from: chuck6478 on February 17, 2010, 06:29:25 PM
Too all who have replied, thank you.

1) It was never my intention to not give Coppermine credit. I understand how open source software works and why.
2) I must have missed any notification of a new version because I usually do update to the latest release as soon as it is stable.

Thanks Anton for investigating the missing footer. I never noticed.

I'll take care of it this evening.

Thank you.

I have contacted Siteground re the footer. Thanks to those who made us aware of it. Siteground have provided some templates where they have always kept the footer in-tact so I am sure it is an oversight on their part.

Your second point about notification. Well that really needs you to keep a check on this site for release announcements. The forthcoming cpg1.5 now gives the admin of the site a warning in the back end making it far easier for admins to keep up to date. We realise that not everyone can regularly check here so as long as people upgrade when they are requested to do so in a support thread then that is great for both you and us. CPG1.5 will make that even easier.
It is a mistake to think you can solve any major problems just with potatoes.

Joe Carver

Quote from: chuck6478 on February 17, 2010, 04:00:55 AM
The caption below the filmstrip now contains an ad for some sort of Rolex knockoff watches.

Francois is correct - what you have is called "Forum Spam"

Quote from: chuck6478 on February 17, 2010, 04:00:55 AM
How can I remove the trash?  ???

Delete the Comments for each or all. (your Coppermine docs will tell you how (as admin))

Quote from: chuck6478 on February 17, 2010, 04:00:55 AM
How can I prevent this happening again?

Disable Comments for unregistered users OR search around the plugins and the Support forum for Captcha - reCaptcha or just plain old spam.

chuck6478

Thank you all.

I'm glad to find out it is something as simple as mass unwanted comments. I will clean them up after I update the site and fix the footer.

phill104

The footer is simple. Just edit the templates css file.

Open the templates css file (style.css) and around line 272 you will find 3 entries - .footer, .footer a and .footer a:hover

Simply change the colours for each of those to something visible.

so

.footer {
color: 444c5b;
text-decoration: none;
}


would become something like

.footer {
color: BBBBBB;
text-decoration: none;
}


Do the same for the other 2 classes and you will be once again a happy bunny.

As mentioned above, the capcha plugins will reduce your comment spame to next to nothing.
It is a mistake to think you can solve any major problems just with potatoes.

chuck6478

Thanks fellows.

Updated, comments removed, and footer fixed.


François Keller

Avez vous lu la DOC ? la FAQ ? et cherché sur le forum avant de poster ?
Did you read the DOC ? the FAQ ? and search the board before posting ?
Mon Blog

chuck6478

Resolved:  ;D

  • Unwanted comments removed using the Admin management tools. If there had been more, they could have have also been removed using MySql's Query Browser to execute a query in the form of DELETE FROM cp_comments WHERE msg_author = .....
  • Intallation upgraded to v1.4.26
  • Captcha plugin installed and configured for use when a user is registering or adding comments
  • Registration now requires not only a confirmation email but Admin approval
  • Footer was fixed by changing the color value in style.css as follows:<br>
      .footer and .footer a was changed to #ffffff<br>
      .footer a:hover was changed to #0088ff