Re: orderfile cannot be created

This WebDNA talk-list message is from

2003


It keeps the original formatting.
numero = 54107
interpreted = N
texte = One of the fastest ways to see if you've been hacked it to check the /home directory on the server to see if there are any usernames you do not recognize.  The home directory can be anywhere though.  On my RedHat box I use different home directories for different types of users (FTP or login).  My main home directory is simply located at "/home".

As for your inability to run the restart script while using the su -c... That really does sound like a fishy situation.  Why not check your log files and see if anyone tried to hack the server?  Or even just check the Apache access log to see what types of access was attempted last night.  Most or all of your log file should show requests to your .tpl pages.  Although you will undoubtedly find many Nimda and other Virus attacks as well.  The virus attacks will look like ../../../../cmd%20something/something/something.

Also, if the server is yours I would suggest installing Webmin (webmin.com).  It will make your administration blazingly easy.  I've gotten to the point that I simply refuse to admin any linux or unix box without it.  It allows you can view or edit files, start and stop boot scripts (like the WebCatEngine) and administer your Apache config file.

Matt Perosi
ijo.com
nj-singles.com

Alan White wrote:
on 11/14/03 5:08 PM, Matthew A Perosi at matt@psiprime.com wrote:  
Check your permissions on your files and directories.  Although if itwere a simple reboot to fix the problem this is probably not the case.Why did you just not restart the WebCatEngine and the Apache serverrather than rebooting?  It would have been more interesting to see ifthat would have solved your issue.    
I wish I had done that...  I was trying to run me restart webdna script butthings were acting bizarre, it kept telling me I didn't have permission torun the script even though I had done su -c to execute the command.  This iswhy I thought something had maybe bugged out on the server and tried thereboot.
I have to admit I am not the best when it comes to the server admin side ofthings and I am quite limited in what I can do.  
Did someone hack your server?    
I would love to know the answer to that, can you advise me on a startingpoint for finding out?  
Were your orderfile or associated directories removed or renamed?    
Not that I am aware of...  
Any further advice is appreciated as like I say, Linux admin is not mystrong point.  I am going to get onto our hosting co. as well and see ifthey can look into it for me.CheersAlan-------------------------------------------------------------This message is sent to you because you are subscribed to  the mailing list <WebDNA-Talk@talk.smithmicro.com>.To unsubscribe, E-mail to: <WebDNA-Talk-off@talk.smithmicro.com>To switch to the DIGEST mode, E-mail to <WebDNA-Talk-digest@talk.smithmicro.com>Web Archive of this list is at: http://webdna.smithmicro.com/

------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: orderfile cannot be created ( Matthew A Perosi 2003)
  2. Re: orderfile cannot be created ( Alan White 2003)
  3. Re: orderfile cannot be created ( Matthew A Perosi 2003)
  4. orderfile cannot be created ( Alan White 2003)
One of the fastest ways to see if you've been hacked it to check the /home directory on the server to see if there are any usernames you do not recognize.  The home directory can be anywhere though.  On my RedHat box I use different home directories for different types of users (FTP or login).  My main home directory is simply located at "/home".

As for your inability to run the restart script while using the su -c... That really does sound like a fishy situation.  Why not check your log files and see if anyone tried to hack the server?  Or even just check the Apache access log to see what types of access was attempted last night.  Most or all of your log file should show requests to your .tpl pages.  Although you will undoubtedly find many Nimda and other Virus attacks as well.  The virus attacks will look like ../../../../cmd%20something/something/something.

Also, if the server is yours I would suggest installing Webmin (webmin.com).  It will make your administration blazingly easy.  I've gotten to the point that I simply refuse to admin any linux or unix box without it.  It allows you can view or edit files, start and stop boot scripts (like the WebCatEngine) and administer your Apache config file.

Matt Perosi
ijo.com
nj-singles.com

Alan White wrote:
on 11/14/03 5:08 PM, Matthew A Perosi at matt@psiprime.com wrote:  
Check your permissions on your files and directories.  Although if itwere a simple reboot to fix the problem this is probably not the case.Why did you just not restart the WebCatEngine and the Apache serverrather than rebooting?  It would have been more interesting to see ifthat would have solved your issue.    
I wish I had done that...  I was trying to run me restart webdna script butthings were acting bizarre, it kept telling me I didn't have permission torun the script even though I had done su -c to execute the command.  This iswhy I thought something had maybe bugged out on the server and tried thereboot.
I have to admit I am not the best when it comes to the server admin side ofthings and I am quite limited in what I can do.  
Did someone hack your server?    
I would love to know the answer to that, can you advise me on a startingpoint for finding out?  
Were your orderfile or associated directories removed or renamed?    
Not that I am aware of...  
Any further advice is appreciated as like I say, Linux admin is not mystrong point.  I am going to get onto our hosting co. as well and see ifthey can look into it for me.CheersAlan-------------------------------------------------------------This message is sent to you because you are subscribed to  the mailing list <WebDNA-Talk@talk.smithmicro.com>.To unsubscribe, E-mail to: <WebDNA-Talk-off@talk.smithmicro.com>To switch to the DIGEST mode, E-mail to <WebDNA-Talk-digest@talk.smithmicro.com>Web Archive of this list is at: http://webdna.smithmicro.com/

------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Matthew A Perosi

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

form posts expiring instantly... why? (2000) Store Builder (2001) problems with 2 tags shakur (1997) [OT] .php3 extension (2000) RE: Renaming textA (1998) Make sure I understand this??? (1997) Setting user and password (1999) Help! WebCat2 bug (1997) default value from Lookup (1997) ListFiles (1998) [AppendFile] problem (WebCat2b13 Mac .acgi) (1997) [OT] Robust order processing (2003) Upgrading to 4.0 on Windoze 98 (2000) Cookies not being set on PC/ Explorer (2000) Listing Words Backwords (2001) Possible Bug in 2.0b15.acgi (1997) looping table rows (1999) email code (1998) WebCat2b13MacPlugin - nested [xxx] contexts (1997) Car Database (2002)