Index.php


#1

I have 3 websites that uses Postnuke. Right now when you go to the sites, all I get is a blank page. It was like this 2 days ago, I got an email back from DH saying it was fine last night. Checked it out and yes it was. I go in this morning and it’s back to a blank page. There seems to be an issue with the index.php page.

Anyone has any ideas?


#2

That’s usually an indication that a php file or config has an error, but the error isn’t directed to the browser because error reporting is turned off - the result of which is a blank page.

Are you able to list your site addresses?

Maximum Cash Discount on any plan with MAXCASH


#3

I have not changed anything on the index.php files at all since I installed the cms.

Yes, one of the websites is www.mosayk.ca

Thanks…


#4

I’d check index.php in an ftp client to see if there are any changes.

If it looks okay, check if there’s a hidden .htaccess file in the www.mosayk.ca folder.

Maximum Cash Discount on any plan with MAXCASH


#5

I’ve checked them all. Nothing’s been changed as far as I can tell. The other websites are www.spillback.com and www.band2.ca

No hidden .htaccess files either. Altho my main .htaccess file seems to have been changed yesterday. And this is what’s in it:

#AddType php-cgi .php
#php_flag magic_quotes_gpc On

Thanks


#6

If the htaccess was changed without your knowledge, alarm bells should be ringing. You call it your “main” htaccess file. Do you mean it resides in your HOME directory or is it in the domain.com folder? Are the htaccess files in your other domain folders changed in the same manner?

The php_flag (even if it worked) shouldn’t stop phpnuke from functioning. The AddType line should be uncommented if you have a custom php. Having said that, it would also require at least one other line (an Action) to function correctly.

I would be extremely concerned about the htaccess file changing “by itself”. You didn’t install a module or addon yesterday that could account for any change made to your htaccess file(s)?

Maximum Cash Discount on any plan with MAXCASH


#7

It is the one that resides on the home directory. I don’t see any htaccess files on each domain folder nor remember having one in any.

I’m going by the information I get from the ftp software I use (SmartFTP). It says it was modified on 10/08/2008 6:15 AM. The user as it shows is me. Under a group that I don’t have a clue about (pg12642). Permission is 644.

And no, I have not installed anything in the last few days/weeks.

Thanks.


#8

Check in Panel > Users > Unix Groups and it should list the default group for all users on your account.

I’d definitely contact Support and explain that a htaccess file appeared in your root directory, apparently with your user’s credentials, but without your knowledge. It might be just a glitch somewhere but there’s a chance that ‘something’ could be testing your account, especially considering the AddType line involved.

Maximum Cash Discount on any plan with MAXCASH


#9

It is the default group.

I’d contact them again and let them know about the htaccess file being modified.

Thanks.


#10

Hmmm… Now it’s saying the following when I try to access the site.

Forbidden
You don’t have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

Anyone has any ideas? DH support has not responded to my email yet.


#11

I tried your sites just now and am receiving a blank response like yesterday rather than a 403 Error. What I would suggest you do is remove the .htaccess file from your root directory entirely (or rename it to .htaccessold) and see if it magically appears again.

Maximum Cash Discount on any plan with MAXCASH


#12

Yeah. It’s back to that. And I got a response back from DH telling me that everything’s okay on their end. And it’s all MY problem since I’m using a 3rd party software they don’t support. This is what I get for being with them for 8 years.

I just did that, renamed the htaccess file, still the same thing. I’m at a loss as to what to do with it. BTW, maybe you can help. I tried uploading a new htaccess file yesterday but I can’t seem to do that. It says it’s transferred the file but I can’t find it after the upload. Any ideas?

Thanks for taking the time to help.


#13

The dotted files are hidden to ftp clients by default, although I guess you’re aware of that. First thing to check would be your ftp client’s preferences/options and make sure “Show Hidden Files” or somesuch is enabled in the client software.

Which version(s) of Nuke are you using btw?

Maximum Cash Discount on any plan with MAXCASH


#14

I have done that too. :frowning:

I have different versions of postnuke running on those 3 sites and was created at different times.

I’m beginning to think this is specific to the 3 websites. I have 2 other postnuke sites which DH have disabled a few days ago and I just enabled them and the sites worked, well at least it does open up altho I’m getting all sorts of errors on them too. So I’m assuming it’s not he htaccess file on the main root.

Any ideas?

Thanks for your time.


#15

Not really I’m afraid. If you’re noticing .htaccess files popping up, especially in your root, and you’re sure you didn’t create them then chances are someone’s used a vulnerability in postnuke to 'jack your domains. If it were me I’d be going over all files and the database with a fine tooth comb so see what’s changed and when it occured. If possible upload fresh files over the top.

If you find your domains are hijacked then the only advice I can give you is to use different scripts. I have a mate who is beta testing the latest phpnuke Platinum which is purportedly the most secure version of the nukes to date. If you like I could ask him if there’s a postnuke > phpnuke converter handy and have him host the files for you to download and install.

Hopefully your accounts weren’t compromised though and it’s just a bug somewhere!

Maximum Cash Discount on any plan with MAXCASH