On several of the links, (lazzby-www.crownofchaos.com, blackkie-world1.criminalsrpg.net, fika-Samurai War 2, Lady_of_Darkness-www.phantasyrpg.com, stulax18-www.outragerp.com) when the click is supposed to be counted, I get a download message for a php file, which i cananot open, and no credit is given for the click. wassup? the CRIMES links are not loading, either.
Joined: 05 Jan 2004 Posts: 158 Location: At the Altar
Posted: Wed Sep 06, 2006 8:19 am
I changed computers and am not getting the pop-ups anymore...i cleared the cookies on the other computer and no page will open. Maybe it's a problem with your cookies...
problem is soley on FF too. Which leads to me think there's a possibility that it's a glitche instead of tampering, but i'm still leaning towards tampering involving cookies
_________________ "Whosoever therefore shall confess me before men, him will I confess also before my Father which is in Heaven." -- Matthew 10:32
"I can do all things through Christ which Strengtheneth me" -- Philippians 4:13
Joined: 05 Jan 2004 Posts: 158 Location: At the Altar
Posted: Wed Sep 06, 2006 4:40 pm
Yeah, it's also the worst security breach the site has ever had, I'd have yarold change the pw or accesability to the server and ftp, and also check in his headers and includes to make sure none of them have been tampered with...
_________________ "Whosoever therefore shall confess me before men, him will I confess also before my Father which is in Heaven." -- Matthew 10:32
"I can do all things through Christ which Strengtheneth me" -- Philippians 4:13
first i had the same problem on a few sites First with history and then with frames and an other time with login. Now I can't login to yarold with Mozilla at all.(It ask me what do do with the file php) With explorer the same problem so now and then
I hope you find the problem soon Good luck
I'm using windows XP with several accounts. loged in with my account i couldn't get login to yarold. But with another account ( on my pc) I could!
After deleting the historyfiles from yesterday on my own account it was possible to login again on my own account! deleting internetfiles and cookies didn't do the trick
Goto documents and settings ... user ... local settings.... history
Maybe this will help some ppl to login again
first i had the same problem on a few sites First with history and then with frames and an other time with login. Now I can't login to yarold with Mozilla at all.(It ask me what do do with the file php) With explorer the same problem so now and then
I hope you find the problem soon Good luck
i am having this prob too. whenever i go to yarold.ath.cx/swle/login.php, a download pops up for login.php. I was using Firefox, and i tried everything. Nothing worked. Then, i uninstalled it, and installed ie 7. after like 10 more tries on ie 7, it is working now.
not much has been release as a security problem
yes the table names and the coding has been viewed
but alot still isnt known
like what is in the include.php section
yes some people can see the code and launch some attacks. but its happened in the past and im sure the site has had measures set up in advanced
on, what could be having this problem, well even if someone downloads a php page, the server will still process the php code. but in this case the server isnt seeing the php code. something u can do is look into disabling downloading of pages, or images, i think its called leech protection, as a temp fix
but as the root of the problem
it seems like the php process is getting overloaded, by too many requests and shutting down, this could be a ddos or a buffer over flow, see what version yall have and make sure its current, if not patch/upgrade
other than that, thats all i can think of
hope the problem is resolved soon
now its happening on logout, and login pages, and index page
i cant even login without it offering me the login.php page
Joined: 08 Jan 2005 Posts: 53 Location: other side of reality
Posted: Sun Sep 10, 2006 10:07 pm
Also interesting to note: I got the php.file on a link on the main page - Yet can click the SAME link in history or dynasty page without getting it. Very strange....
All we can do is work around it until Yarold has a chance to check what's going on.
Joined: 05 Jan 2004 Posts: 158 Location: At the Altar
Posted: Mon Sep 11, 2006 9:30 pm
PaPPy wrote:
not much has been release as a security problem
yes the table names and the coding has been viewed
but alot still isnt known
like what is in the include.php section
yes some people can see the code and launch some attacks. but its happened in the past and im sure the site has had measures set up in advanced
on, what could be having this problem, well even if someone downloads a php page, the server will still process the php code. but in this case the server isnt seeing the php code. something u can do is look into disabling downloading of pages, or images, i think its called leech protection, as a temp fix
but as the root of the problem
it seems like the php process is getting overloaded, by too many requests and shutting down, this could be a ddos or a buffer over flow, see what version yall have and make sure its current, if not patch/upgrade
other than that, thats all i can think of
hope the problem is resolved soon
now its happening on logout, and login pages, and index page
i cant even login without it offering me the login.php page
This is one of the slower times for the site, in the past we have had as many as 100+ members on most of every day, so unless some change has been made to his server host, unintentional overloading shouldn't be a problem...
Which, after saying that, it is entirely possible that the host he uses has downgraded their servers, overloading their own servers or he has donwgraded his plan...But i wouldn't think so...
So that would sort of lead to saying that either this is NOT unintentional overloading, or this isnt' the problem at all. If the site is actually still suseptical to Denial of Service attacks, then he's basically in the stone age lol, but i would doubt that...
As to the actual problem, i don't really know, but i wish he'd fix it soon enough.
_________________ "Whosoever therefore shall confess me before men, him will I confess also before my Father which is in Heaven." -- Matthew 10:32
"I can do all things through Christ which Strengtheneth me" -- Philippians 4:13
Joined: 05 Jan 2004 Posts: 158 Location: At the Altar
Posted: Tue Sep 12, 2006 2:47 am
PaPPy wrote:
was just throwing that out there... *crawls back to his hole*
no no no, was a great suggestion and it's clear you have a good amount of insight and knowledge so don't think i was raggin on ya lol
Yarolds redirects now to a new server, so i have to assume it was a server problem, though this BB is still on the old server and i'm still getting the d/ls so yeah.
_________________ "Whosoever therefore shall confess me before men, him will I confess also before my Father which is in Heaven." -- Matthew 10:32
"I can do all things through Christ which Strengtheneth me" -- Philippians 4:13
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum