I have a folder named test_codes inside which are an html file(radioButton2.html) meant to submit to a php file(process_radioButton2.php).
The code runs without any output and there is no error message in the error log in the directory.However, when I, out of frustration, went into the general error log, I saw:
[Fri Jun 26 04:41:58 2015] [error] [client 41.190.3.14] File does not
exist: /home/chuzymat/public_html/404.shtml, referer:
http://www.chuzymatics.com/test_codes/process_radioButton2.php
Please, what could be wrong? Why is the file invisible even when I am sure it's there?
The path to upload directory could be wrong or do not have read/write access. Share your code if you need more exact answers.
Related
My Wordpress website was down due to a database connection error.
When I looked into the cPanel error log I saw around a 100 rows that looked like these:
[Tue Apr 02 06:24:11.179218 2019] [cgi:error] [pid 31625] [client
50.3.196.173:41576] AH01215: PHP Warning: Error while sending QUERY packet. PID=31986 in /home/admin/public_html/wp-includes/wp-db.php on
line 1924: /usr/local/cpanel/cgi-sys/ea-php71, referer:
http://www.worldtravelawards.com/profile-4544-the-monte-carlo-beach
[Tue Apr 02 06:24:11.176124 2019] [cgi:error] [pid 31617] [client
196.247.235.184:60968] AH01215: PHP Warning: Error while sending QUERY packet. PID=31998 in
/home/admin/public_html/wp-includes/wp-db.php on line 1924:
/usr/local/cpanel/cgi-sys/ea-php71, referer:
http://www.worldtravelawards.com/profile-3005-walt-disney-world-swan-and-dolphin-resort
The referer is an external domain that somehow is accessing my wp-db.php file, causing a PHP, database-related, error. I did some research and came across subjects like "Bandwidth theft" and "Database injection", but I couldn't really find a good answer to a similar situation.
Any ideas what it could be and how to prevent this from happening? Thanks in advance!
Referer does not mean anything.
A HTTP_REFERER is a header sent by a browser primarily used for analytics that shows where did the user come from. In this example, a user clicked on a link on http://www.worldtravelawards.com/profile-4544-the-monte-carlo-beach webpage that leads to your website. www.worldtravelawards.com is not their actual hostname.
See: [Error while sending QUERY packet
for info about the PHP error.
Post Scriptum: Avoid posting actual IP addresses of your clients or domains of your website because it may lead to hacking attempts.
I am newly using Google compute engine (GCP). I have a limited knowledge on programming yet i am hosting WordPress website in my server.
The problem is few days back my site got hacked or access by someone else. I received a message from GCE customer support that my account will be suspended if I don't stop using server for mining cryptocurrency. Now I have no idea what he was talking. Then I checked the files and can see lots of foreign files. He is apparently using my server to mine crypto, though nothing malicious or disruption of server..
As I have lots of edited and custom files and that I don't have backup files, my best option was to manually check and remove all those foreign files.. I have almost removed all the files but still there are files continously calling from somewhere else function or something that is tracing NOT FOUND error in error.log and access.log.. Looks like using cron jobs or something.. I have no idea where it's coming from.. I am just trying to find that file that is executing those functions.
error.log file:
[Tue Nov 13 15:03:34.595848 2018] [:error] [pid 31561] [client 66.249.66.150:47822] script '/var/www/example.com/tozeowi.php' not found or unable to $
[Tue Nov 13 15:05:56.744506 2018] [core:error] [pid 31587] [client 176.9.23.3:36328] AH00124: Request exceeded the limit of 10 internal redirects due to probable configurat$
Access.log file:
"GET /joapow1ok/tozeowi.php?serhtr=morgan-stanley-health-insurance-benefits'A=0 HTTP/1.1" 404 3621 "https://www.example.com/joapow1ok/tozeowi.php?"
If someone can help me find that file causing to execute that GET function.. Or is there any linux function to find figure out.
Note: I have disabled many plugins and my theme yet no luck.. I have 3 website in the same directory and all got infected.
I have two simple test files, one a basic HTML document that displays a simple message and the other a PHP document that does the same.
If I access the HTML document using a URL like this it displays properly:
sample.com/test.html
If I access the PHP file in a similar manner it also displays properly:
sample.com/test.php
Accessing the HTML file from a subdirectory also works just fine:
sample.com/somedirectory/test.html
However, accessing the PHP page in a similar manner does not work:
sample.com/somedirectory/test.php
It produces this error:
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, webmaster#samplehs.pltwcs.org and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.`
EDIT
Here is the HTML code:
<html>
<body>
hello world
</body>
</html>
And the PHP code:
<?php
phpinfo();
?>
Here's what the server's error log has to say:
[Wed Dec 18 12:58:08 2013] [error] [client 71.222.168.54] File does not exist: /home/username/public_html/500.shtml
[Wed Dec 18 12:58:08 2013] [error] [client 71.222.168.54] SoftException in Application.cpp:256: File "/home/username/public_html/somedirectory/test.php" is writeable by group
You have to set the permissions of your PHP files to 644 and folders to 755 because your server has suEXEC enabled.
From the terminal you should run chmod 644 test.php or use any FTP client to set your permissions
Source
Source #2
Based on the error File "/home/username/public_html/somedirectory/test.php" is writeable by group your server is using something like suphp, and you need to remove write permissions from group: chmod go-w /home/username/public_html/somedirectory/test.php from command line.
Has anyone ever seen the below error in a site running on Concrete CMS ?
This is from the apache error log file
[Thu Jan 31 08:06:51 2013] [error] [client 41.56.88.53] File does not
exist: /va
r/www/\r\n SomeCustomInjectedHeader:injected_by_wvs, referer:
http://www.mysite.com:80/ [Thu Jan 31 08:06:51 2013] [error] [client
41.56.88.53] File does not exist: /va r/www/\n SomeCustomInjectedHeader:injected_by_wvs, referer:
http://www.mysite.com
Looks like some kind of injected file. Does anyone have any idea how I can find what is causing those entries in the error logs?
That has nothing to do with concrete5. It's a scan from an external source, looking for some sort of vulnerability.
This could be good (some hosting providers might do it to make sure you're not going to get hacked) or bad (someone looking for a machine to attack). But bad is relative. It's like returning to your car and seeing that someone touched your door handle.... If you watch your logs, you'll see plenty of blind attacks like this.
I am developing a wordpress theme and I want to use jQuery.load() to load data from a PHP file in my theme directory called process.php to a div in a wordpress page template.
I haven't had any issues with load() in the past but Wordpress is preventing me from loading the data or even accessing the process.php file in the browser.
When I navigate to the full path of the file (eg: http://[site]/[theme]/functions/process.php) I get the following error in Chrome
Internal Server Error.
The server encountered an internal error or misconfiguration and was
unable to complete your request.
Please contact the server administrator, **#gmial.com and inform
them of the time the error occurred, and anything you might have done
that may have caused the error.
More information about this error may be available in the server error
log.
I've read similar questions but they involve modifying the .htaccess file. Does anyone know how to do this from a theme perspective ie: using $wp_rewrite.
EDIT
Linux Server error log states [Mon Mar 12 14:00:52 2012] [error] [client 121.98.81.237] SoftException in Application.cpp:245: File "/var/www/vhosts/****.co.nz/httpdocs/npr/wp-content/themes/_s_2/functions/process.php" is writeable by group
[Mon Mar 12 14:00:52 2012] [error] [client 121.98.81.237] Premature end of script headers: process.php
and this is process.php
<?php
echo "hello from php";
?>
I think the better way is use by init action and check the $_GET/$_POST, and return the string you want.. and if all ok, you can die() the script.
For this way you get access to wordpress db and all..