|
Joined: Sep 2001
Posts: 672
Member
|
Member
Joined: Sep 2001
Posts: 672 |
Man, I keep getting this hacklog.cgi created in my UBB directory. Anyone ever see this or have problems?
It keeps taking up all my space. It was just at 65 gigs for peats sake. I delete it, and 20 min later it comes back and now its 685 megs again.
Is this standard with classic, or is this my host?
|
|
|
|
Joined: Jan 2000
Posts: 5,073
Admin Emeritus
|
Admin Emeritus
Joined: Jan 2000
Posts: 5,073 |
I find it highly unlikely that it was 65 gigs, nor that it could ever reach 685 megs. Are you sure you aren't shifting the decimal over three places? Or maybe even six? The hacklog on Flare is only 220k, after being cleared in June 2003...
The file is a log of all potential security breaches, including alerts of bad HTML posted.
UBB.classic: Love it or hate it, it was mine.
|
|
|
|
Joined: Sep 2001
Posts: 672
Member
|
Member
Joined: Sep 2001
Posts: 672 |
you sure about that buddy? and it keeps getting bigger by the minute :rolleyes:
|
|
|
|
Joined: Jan 2000
Posts: 5,833 Likes: 20
UBBDev / UBBWiki Owner Time Lord
|
UBBDev / UBBWiki Owner Time Lord
Joined: Jan 2000
Posts: 5,833 Likes: 20 |
Very odd; mine is only like 300k and it's from the past 3 years... What type of data is being relayed in the log?
|
|
|
|
Joined: Sep 2001
Posts: 672
Member
|
Member
Joined: Sep 2001
Posts: 672 |
Originally posted by Gizzy:
Very odd; mine is only like 300k and it's from the past 3 years... What type of data is being relayed in the log?
The same dam data every time. Its HTML code that I was playing with in a new thread. Actually it was a form I was designing for applying for something on my board. It's obivously all HTML and I was gonna post it in a new thread, but I was testing it out many of times by creating new threads with it, seeing how it looked. But that was yesterday !! I disabled a few tags like so maybe thats why? Who knows. I just deleted it, and it's created itself again, and its up to a few hundred megs again
|
|
|
|
Joined: Jan 2003
Posts: 3,456 Likes: 2
Master Hacker
|
Master Hacker
Joined: Jan 2003
Posts: 3,456 Likes: 2 |
mine is only 100K dating back over a year
havoq, it's stupid to allow those tags, as script is one of the known security holes, and body could easily ruin the layout of your page
|
|
|
|
Joined: Jan 2000
Posts: 5,073
Admin Emeritus
|
Admin Emeritus
Joined: Jan 2000
Posts: 5,073 |
quote: I disabled a few tags like so maybe thats why? Did you completely, totally fail to read the big boilerplate above that code saying NOT TO TOUCH THE FILTERS? There's a good reason for that. However, there is no good reason for hacklog to be doing that. I suggest restoring to stock code immediately to see if it rectifies the issue.
UBB.classic: Love it or hate it, it was mine.
|
|
|
|
Joined: Sep 2001
Posts: 672
Member
|
Member
Joined: Sep 2001
Posts: 672 |
Originally posted by Ian Spence:
mine is only 100K dating back over a year
havoq, it's stupid to allow those tags, as script is one of the known security holes, and body could easily ruin the layout of your page
How can it again ruin my page if HTML is disabled on my forums? Restoring the stock code, did not help
|
|
|
|
Joined: Jan 2000
Posts: 5,073
Admin Emeritus
|
Admin Emeritus
Joined: Jan 2000
Posts: 5,073 |
Keep the stock code in place, go to infopop.com, and open a support ticket. Reference the URL to this topic, and include a request that the ticket be assigned to me. I need to examine the hacklog.
In the mean time, turn your board off to prevent the hacklog from growing any larger.
UBB.classic: Love it or hate it, it was mine.
|
|
|
|
Joined: Sep 2001
Posts: 672
Member
|
Member
Joined: Sep 2001
Posts: 672 |
I already fixed and resolved the problem. Just changed permissions on the file to 666, which prevented writing to the file. Then I rebuilt the forum stat files for the forum that I knew I had the problem with. Then cleared the cache, deleted the file, and wham, everything seems fine. File hasnt been created in 12 hours.
|
|
|
|
Joined: Mar 2001
Posts: 7,394
Admin / Code Breaker
|
Admin / Code Breaker
Joined: Mar 2001
Posts: 7,394 |
Well, that doesn't fix the problem, perhaps there is a reason why the hacklog was created, a problem with the code. I think you should CHMOD the hacklog.cgi 777 and when it turns 5mb or so CHMOD it back to 666, then open up a support ticket like CC said.
|
|
|
|
Joined: Jan 2000
Posts: 5,073
Admin Emeritus
|
Admin Emeritus
Joined: Jan 2000
Posts: 5,073 |
The code will automagically correct the permissions for you. Not that 0666 would make a difference in write permissions, as you only removed the execute bit.
UBB.classic: Love it or hate it, it was mine.
|
|
|
|
Joined: Jan 2000
Posts: 5,833 Likes: 20
UBBDev / UBBWiki Owner Time Lord
|
UBBDev / UBBWiki Owner Time Lord
Joined: Jan 2000
Posts: 5,833 Likes: 20 |
Agreed, World Read, World Write, No Execute would have little effect on writing of the file; if it hasn't been re-created you must have done something else that repaired the issue.
|
|
|
Donate to UBBDev today to help aid in Operational, Server and Script Maintenance, and Development costs.
Please also see our parent organization VNC Web Services if you're in the need of a new UBB.threads Install or Upgrade, Site/Server Migrations, or Security and Coding Services.
|
|
Posts: 1,157
Joined: July 2001
|
|
Forums63
Topics37,573
Posts293,925
Members13,849
|
Most Online5,166 Sep 15th, 2019
|
|
Currently Online
Topics Created
Posts Made
Users Online
Birthdays
|
|
|
|