My forum is down.
It's show the flowing error:
QuoteFailed to run the PHP program for security reasons.
Contact the creator of the page.
I have downloaded, the status.php from the tools menu. When I run it on my site it show the flowing code:
Fatal error: Uncaught Error: Call to undefined function set_magic_quotes_runtime() in /***/***/villanyszerelo.forum.hu/status.php:39 Stack trace: #0 /***/***/villanyszerelo.forum.hu/status.php(28): initialize_inputs() #1 {main} thrown in /***/***/villanyszerelo.forum.hu/status.phpon line 39
I have turned on the php log function on my site. It's show the same error.
[03-Feb-2018 03:14:11 Europe/Budapest] PHP Fatal error: Uncaught Error: Call to undefined function set_magic_quotes_runtime() in /***/***/villanyszerelo.forum.hu/status.php:39
Stack trace:
#0 /***/***/villanyszerelo.forum.hu/status.php(28): initialize_inputs()
#1 {main}
thrown in /***/***/villanyszerelo.forum.hu/status.php on line 39
I haven't modified nothing on my site. So what can be the problem?
My forum is down.
It's show the flowing error:
Quote
Failed to run the PHP program for security reasons.
Contact the creator of the page.
I have downloaded, the status.php from the tools menu. When I run it on my site it show the flowing code:
Code: [Select]
Fatal error: Uncaught Error: Call to undefined function set_magic_quotes_runtime() in /***/***/villanyszerelo.forum.hu/status.php:39 Stack trace: #0 /***/***/villanyszerelo.forum.hu/status.php(28): initialize_inputs() #1 {main} thrown in /***/***/villanyszerelo.forum.hu/status.phpon line 39
I have turned on the php log function on my site. It's show the same error.
Code: [Select]
[03-Feb-2018 03:14:11 Europe/Budapest] PHP Fatal error: Uncaught Error: Call to undefined function set_magic_quotes_runtime() in /***/***/villanyszerelo.forum.hu/status.php:39
Stack trace:
#0 /***/***/villanyszerelo.forum.hu/status.php(28): initialize_inputs()
#1 {main}
thrown in /***/***/villanyszerelo.forum.hu/status.php on line 39
I haven't modified nothing on my site. So what can be the problem?
My forum is running on 2.0.15 version
I have created to the wrong section my topic. I can't remove it.
@moderator: Please remove it. My forum is running on 2.0.15 version, not in 2.1
Thanks
Merged.
Does your server's error log offer any more detailed error message?
NO :(
I have checked the log_errors mysql table, and there are lots off errors, this two are this:
2: Parameter 1 to KB_ob() expected to be a reference, value given
2: Parameter 1 to smart_pagination_buffer() expected to be a reference, value given
Maybe this is the problem?
The site is still down. I can't find the solution.
you need to find the server error log not the SMF error log.
You have to either downgrade your php version or install SMF 2.0.15\
set_magic_quotes_runtime is not in SMF 2.0.15
I have the reason.
My web service provider has noticed that my site was tried to hack. They have send my the flowing information.
QuoteThe virus protection of our system has been activated because they tried to break the page: topic = 2178.0 AnD BeNChMaRK (2999999, MD5 (NOW ())
This system detected this and moved the file to quarantine. We have removed this from the quarantine, but try to inform the programmer to update the program code so that it can not be exploited on the vulnerability page.
I asked for more detailed information
update:
I have received the web server traffic log. I can see the following information.
Quotexxx.xx.238.26 - - [02/Feb/2018:19:28:19 +0100] "GET /index.php?topic=2178.0'\" HTTP/1.1" 200 97767 "-" "-"
xxx.xx.238.26 - - [02/Feb/2018:19:28:21 +0100] "GET /index.php?topic=2178.0 HTTP/1.1" 200 97767 "-" "-"
xxx.xx.238.26 - - [02/Feb/2018:19:28:22 +0100] "GET /index.php?topic=2178.02121121121212.1 HTTP/1.1" 200 97743 "-" "-"
xxx.xx.238.26 - - [02/Feb/2018:19:28:23 +0100] "GET /index.php?topic=2178.0%20and%201%3D1 HTTP/1.1" 200 97755 "-" "-"
xxx.xx.238.26 - - [02/Feb/2018:19:28:24 +0100] "GET /index.php?topic=2178.0%20and%201%3E1 HTTP/1.1" 200 97767 "-" "-"
That's normal that's standard hack bot it will try but fails since SMF is protected against that issue.
Thanks for the information :)