![]() |
|
udpate to 1.4.2 - Printable Version +- ZenphotoCMS Forum (https://forum.zenphoto.org) +-- Forum: Support (https://forum.zenphoto.org/forum-1.html) +--- Forum: General support (https://forum.zenphoto.org/forum-4.html) +--- Thread: udpate to 1.4.2 (/thread-9435.html) Pages:
1
2
|
udpate to 1.4.2 - atomicmak - 2012-01-03 i am facing one problem. "setup scripts missing" when i put again from 1.4.1.6 it runs smooth for another 10 days and then gives msg again. today i faced it again and restored yesterday's backup. i have 1500+ images and i do upload images form ftp only on respective folder instead using admin part. can anyone guide what would be the problem ? I've tried upgrading to 1.4.2 rc2 first and it failed as everytime it ask me for user/pass which i provide right then also it says wrong. later i tried forgot password but nothing happens same issue. anyone up for this on help please ? udpate to 1.4.2 - acrylian - 2012-01-03 Setup is actually only needed if you are installing or upgrading. It only would be requested if Zenphoto detects such. I have never seen that otherwise. Also I have no idea about the password issue. The only thing I oculd think of that the database has been changed (encoding for exampl). Maybe sbillard has any idea later today. udpate to 1.4.2 - atomicmak - 2012-01-03 well i have been doing nothing on admin part as well as any db editing except updloading images regularly on folders under album through ftp. and then refresh seo cleanup to make them lowercase. i have deleted ajaxfilemanager under zp-core/zp-extensions/tiny_MCE/Plugins/ as i was reading it has loophole in that on some post here on forum. i have been informed by my host that it was throwing some huge traffic by some unknown php files which we cleaned and harden permissions. now those php i dont see which was previously being generated but i still every 10 / 15 days getting setup script missing issue udpate to 1.4.2 - atomicmak - 2012-01-03 for 1.4.2 i will wait till the GJR release its zpmasonry for it. till that time if someone guide how to stop being hacked on zenphoto would be good. cuz my host has raised me a notifiction that if that happens again they'll block me out. udpate to 1.4.2 - atomicmak - 2012-01-03 My htaccess is here as i am using litespeed web-server htaccess file version 1.4.1;When Zenphoto requires changes to the rewrite rules:First make a copy of this file as 'oldhtaccess' in the zp-core folder so setup can test for unmodified filesUpdate the above and the define in setup.phpRewriteEngine On RewriteBase / RewriteRule ^admin/?$ zp-core/admin.php [R,L] RewriteCond %{REQUEST_FILENAME} -d RewriteCond %{REQUEST_FILENAME} -f [OR] put no rules before this line####################### Rewrite rules for removed sitemap.phpRewriteRule ^sitemap.php index.php?sitemap [L,R=301] Rewrite rules for removed RSS files
RewriteCond %{QUERY_STRING} withimages&lang=(.*)
RewriteCond %{QUERY_STRING} type=(.)&lang=(.) RewriteCond %{QUERY_STRING} lang=(.*)&albumsmode RewriteCond %{QUERY_STRING} lang=(.)&category=(.) RewriteCond %{QUERY_STRING} lang=(.*) rewrite rule for tinyURLsRewriteRule ^tiny/([0-9]+)/?$ index.php?p=$1&t [L,QSA] RewriteRule index.php$ index.php [L,QSA] Rewrite rule addition for searchRewriteRule ^page/search/fields([0-9]+)/(.)/([0-9]+)/?$ index.php?p=search&searchfields=$1&words=$2&page=$3 [L,QSA] Rewrite additions for zenpage
RewriteRule ^pages/(.)/?$ index.php?p=pages&title=$1 [L,QSA] RewriteRule ^(.)/image/(thumb|[0-9]{1,4})/([^/\]+)$ zp-core/i.php?a=$1&i=$3&s=$2 [L,QSA] Catch-all - everything else gets handled in PHP for compatibility.RewriteRule ^(.*)/?$ index.php?album=$1 [L,QSA] udpate to 1.4.2 - acrylian - 2012-01-03 I have no idea what is going on on your server. Regarding preventing hacks, set the correct permissions on files and foldes will protect your from being hacked. I have neither knowledge about litespeed servers nor do we test Zenphoto on them. We can only test Apache so something might be different there (maybe I confuse it with another server but didn't litespeed require special htaccess rules?). udpate to 1.4.2 - sbillard - 2012-01-03 Something on your server must be changing every 15 days that Zenphoto is sensitive to. As to what that might be, I do not have any idea. The only times we have seen password problems like you describe for RC2 is when the prior installation was done by an install helper script. But, bottom line, as Acrylian has said, it might be an issue with litespeed as we do not test, have no knowledge of that environment. udpate to 1.4.2 - atomicmak - 2012-01-03 sbillard the site is running almost a year on litespeed with htaccess discussed somewhere on forum here which i copied and its working. this issues started since last month or so. site is running right now and will check to see if that happens again will report here. i think litespeed is much more faster than apache i saw after i moved from apache to litespeed the speed ratio increase was almost 25%+ and then i set up cloudflare free service which again boosted up the images loading by 20% am sure there's nothing been happening on server side as this "setup script missing" appears random number of days not exact 15 as wrote for example. udpate to 1.4.2 - acrylian - 2012-01-03 Keep us updated on that. Zenphoto is intended to run on standard (shared) webhost which almost always run Apache (I don't know a single one that does not over here). If it runs fine on litespeed, that's great. udpate to 1.4.2 - sbillard - 2012-01-03 I am sure that there is [b]something[/b] that is changing on your server side. That is what Zenphoto is noticing and deciding that it's configuration is not correct and needs to be re-done by setup. That is how those messages come about. Zenphoto needs to run setup but the files are not there. (We do not expect the files to be there since we recommend thay be removed. The message is scheduled for improvement in clarity.) It could well be that the hack did cause the issue. If so your cleanup will solve the problem. [Did not know that Zenphoto had a hack detector ] No one is criticizing your running of lightspeed. It is just that we are not in a position to know what it might be doing differntly than apache, so cannot directly support it.) udpate to 1.4.2 - atomicmak - 2012-01-04 Sbillard i am not after your question about litespeed but so far what i seem to understand since last 6/8 months running on litespeed it seem much more faster than apache throwing faster request. please if something allows hereby i request the zenphoto should try to accommodate litespeed check also being faster webserver. i am no expert or techincal so far but yea 1500+ images serving faster. will surely update if i get the msg again. udpate to 1.4.2 - atomicmak - 2012-01-04 Ok i just found that all the php files been compromised with "turnitupnow.net" script added just after udpate to 1.4.2 - atomicmak - 2012-01-04 i found one more thing. after the jpMasonry css in Head there is one script This only visible when we do Inspect Element in Browser through developer Tools. If we Do View SOurce of Page there is not script visible. Any clue ? i totally deleted entire php files on server and uploaded fresh. udpate to 1.4.2 - acrylian - 2012-01-04 Sorry, you will have to ask the gjr, the creator of this theme, what this is about. I have no idea but I think this theme uses a lot of javascript so this might be it. Best you open a new topic so he spots it. udpate to 1.4.2 - atomicmak - 2012-01-04 acrylian its not about theme udpate to 1.4.2 - acrylian - 2012-01-04 I fear your site/server has not fully be cleaned from the hack or has again been hacked. That surely should not appear in standard themes and looking at the link closer now itself not in any theme. You should check your database as well. udpate to 1.4.2 - atomicmak - 2012-01-04 i am worried i have totally cleaned up the entire site's php files htaccess and recreated including database backup script checked with a friend coder which was claimed to be clean db. udpate to 1.4.2 - atomicmak - 2012-01-04 here the question arries why not in page source and why in Inspect element only it is visible ? udpate to 1.4.2 - atomicmak - 2012-01-04 just in case you want to try the same to check www.wildart.in udpate to 1.4.2 - acrylian - 2012-01-04 It must be specific to your site as viglink is some kind of affiliate program and acccess its api (see its website). So someone must have set that up or hacked it in. Again, this is nothing that is in standard themes (and I never heard of that site before). So I have no idea where that comes from. |