Drawing attention to a helpdesk ticket (really sorry to do this).

Tamsin · February 28th, 2008, 7:38 AM

I've only just submitted this ticket, but I just wanted to drop in here and draw attention to it, since it is the hugest problem by far that I have EVER, EVER had, and it's already had some serious ramifications in just the time I've been asleep.

Looks like last night Apache was recompiled on my dedicated server by helpdesk, to fix a completely non-related issue issue. However, it has not be compiled with PHP support from the looks of things, and NONE of my PHP files are now being parsed server side at all - they are displaying in browser windows. This has already caused at least five of my database username/passwords to be compromised, and I am desperately trying to do damage control now by deleting any file that queries sql, but I have no idea if this information has circulated yet, no way to change the usernames/passwords (as obviously I can't access PMA either), and it would be a ten second task for someone who managed to download one of my scripts pulling sql information to upload it elsewhere, modify it and pull/change information from my dbs right now, so I am literally having something of a crisis.

ANYTHING that could be done to help this process be sped along right now would be hugely, hugely appreciated.

Tamsin · February 28th, 2008, 9:04 AM

Bleh, ignore this. For some bizarre reason, AddType application/x-httpd-php .php had been commented out in PHP conf. Fixed the issue and restarted Apache and everything back to normal now.

Could still benefit from some help with damage control, but I've managed to resolve the huge issue.

**Dan** · February 28th, 2008, 9:12 AM

Glad you figured out your problem, but next time if you're going to request help with a ticket through the forums, please leave us the ticket ID so we can at least look it up

H · February 28th, 2008, 10:17 AM

This is why dispatch files are helpful. And even more so, why having config files outside of the document_root is important.

Sorry that it happened, but everytime I tell people to move connection files and even other important files out of the public_html root, they kinda laugh and say it'll never happen. But if it does... yep, password exposure = BAD.

February 28th, 2008, 7:38 AM	#1 (permalink)
Tamsin Registered User Fresh Surpasser Joined in Feb 2008 8 posts Gave thanks: 0 Thanked 0 times	Drawing attention to a helpdesk ticket (really sorry to do this). I've only just submitted this ticket, but I just wanted to drop in here and draw attention to it, since it is the hugest problem by far that I have EVER, EVER had, and it's already had some serious ramifications in just the time I've been asleep. Looks like last night Apache was recompiled on my dedicated server by helpdesk, to fix a completely non-related issue issue. However, it has not be compiled with PHP support from the looks of things, and NONE of my PHP files are now being parsed server side at all - they are displaying in browser windows. This has already caused at least five of my database username/passwords to be compromised, and I am desperately trying to do damage control now by deleting any file that queries sql, but I have no idea if this information has circulated yet, no way to change the usernames/passwords (as obviously I can't access PMA either), and it would be a ten second task for someone who managed to download one of my scripts pulling sql information to upload it elsewhere, modify it and pull/change information from my dbs right now, so I am literally having something of a crisis. ANYTHING that could be done to help this process be sped along right now would be hugely, hugely appreciated.

February 28th, 2008, 9:12 AM	#3 (permalink)
Dan Staff of Surpass Super #1 Joined in Apr 2007 2,463 posts Gave thanks: 119 Thanked 163 times	Glad you figured out your problem, but next time if you're going to request help with a ticket through the forums, please leave us the ticket ID so we can at least look it up __________________ D4nz Net - Surpass Help Desk - NES Forever Use the thanks button. It works! AIM: dansorl

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

February 28th, 2008, 9:04 AM	#2 (permalink)
Tamsin Registered User Fresh Surpasser Joined in Feb 2008 8 posts Gave thanks: 0 Thanked 0 times	Bleh, ignore this. For some bizarre reason, AddType application/x-httpd-php .php had been commented out in PHP conf. Fixed the issue and restarted Apache and everything back to normal now. Could still benefit from some help with damage control, but I've managed to resolve the huge issue.

February 28th, 2008, 10:17 AM	#4 (permalink)
H after g, before i Super #1 Joined in Jul 2004 Hosted on Gojira 7,870 posts Gave thanks: 44 Thanked 127 times	This is why dispatch files are helpful. And even more so, why having config files outside of the document_root is important. Sorry that it happened, but everytime I tell people to move connection files and even other important files out of the public_html root, they kinda laugh and say it'll never happen. But if it does... yep, password exposure = BAD.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)