Has file permissions on your server ever change mysteriously?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • bean-aid
    So Fucking Banned
    • Jun 2011
    • 16493

    #1

    Has file permissions on your server ever change mysteriously?

    Today, I went to check an htpasswd file that CCBill writes to on new sales. It needs to communicate with that file to generate the new user as well as update so user has access.

    The file is supposed to be set at 666 and was done so on 12-24-11 by me because new members not being able to sign up, those that could somehow signup could not log in because that file was not written to.

    Today, I checked the file again and it was back to 644.

    This is not the first time i've noticed this anomaly. It has happened on other sites as well with this same exact file.

    Has anyone had this happen to this file? Any ideas?
  • BSleazy
    Confirmed User
    • Aug 2002
    • 6721

    #2
    Whatever cms/script is probably doing that.
    icq 156131086

    Comment

    • WarChild
      Let slip the dogs of war.
      • Jan 2003
      • 17263

      #3
      Any chance the file was restored from backup? Is the sever totally unmanaged?
      .

      Comment

      • GFED
        Confirmed User
        • May 2002
        • 8121

        #4
        i've only had this problem with shared hosting from some places because they won't allow 666 or 777 permissions on files and require them to be 644 or 755. are you on a shared host?
        https://www.flow.page/savethechildren

        Comment

        • Slappin Fish
          Confirmed User
          • Jul 2007
          • 2512

          #5
          my host changed files permissions once before without warming

          Comment

          • porno jew
            Too lazy to set a custom title
            • Nov 2006
            • 10166

            #6

            Comment

            • bean-aid
              So Fucking Banned
              • Jun 2011
              • 16493

              #7
              Originally posted by BCyber
              Whatever cms/script is probably doing that.
              It happened to me before on a different site, different server. I can't see how it is a script of mine... sites were totally different and totally different setup.

              The only reason I check that file is from past experience with this same issue. When I see no sales for a period of time, which varies from the norm, I check that file.

              It is an unmanaged server, nothing was restored.

              Comment

              • BSleazy
                Confirmed User
                • Aug 2002
                • 6721

                #8
                Originally posted by beaner
                It happened to me before on a different site, different server. I can't see how it is a script of mine... sites were totally different and totally different setup.

                The only reason I check that file is from past experience with this same issue. When I see no sales for a period of time, which varies from the norm, I check that file.

                It is an unmanaged server, nothing was restored.
                If no scripts, cms's, backends (whatever you wanna call them) are the same then change all your passwords for everything and get a managed server. You might of been hacked. Shouldn't risk a money site on something unmanaged if you don't have a network admin that can deal with that shit.
                icq 156131086

                Comment

                • bean-aid
                  So Fucking Banned
                  • Jun 2011
                  • 16493

                  #9
                  Originally posted by BCyber
                  If no scripts, cms's, backends (whatever you wanna call them) are the same then change all your passwords for everything and get a managed server. You might of been hacked. Shouldn't risk a money site on something unmanaged if you don't have a network admin that can deal with that shit.
                  We will look into that... It's not managed by a host but certainly managed by a programmer who knows servers.

                  I posted to see if anyone else has had the same issue... I've seen it before on different site, different server, same file. Something triggers the change... it may be a hack but I am not leaning that direction. Will know more when it gets checked out.

                  Comment

                  • bean-aid
                    So Fucking Banned
                    • Jun 2011
                    • 16493

                    #10
                    Originally posted by BCyber
                    If no scripts, cms's, backends (whatever you wanna call them) are the same then change all your passwords for everything and get a managed server. You might of been hacked. Shouldn't risk a money site on something unmanaged if you don't have a network admin that can deal with that shit.
                    Do you think rsync 1 server to another server might set 666 file back to 644? I am in the middle of switching servers and it seems to have happened exactly at the start of the server transfer.

                    Comment

                    • 18teens
                      Confirmed User
                      • Dec 2002
                      • 1605

                      #11
                      Originally posted by beaner
                      Do you think rsync 1 server to another server might set 666 file back to 644?
                      Yes, I've had it happen.

                      Comment

                      • V_RocKs
                        Damn Right I Kiss Ass!
                        • Nov 2003
                        • 32449

                        #12
                        check rsync setting for permissions switch

                        Comment

                        • raymor
                          Confirmed User
                          • Oct 2002
                          • 3745

                          #13
                          Do you have a secondary processor? One particular processor will hose your .htpasswd and .htaccess files with their default script.

                          Before fixing it next time, look at the ctime, or inide change time. That will tell you exactly when the change was probably made.

                          Also that can happen when you edit a file. Say you download it, change it, delete the old, then upload the new. The new file will have default permissions, 644. You should instead overwrite the old file without deleting it.
                          For historical display only. This information is not current:
                          support@bettercgi.com ICQ 7208627
                          Strongbox - The next generation in site security
                          Throttlebox - The next generation in bandwidth control
                          Clonebox - Backup and disaster recovery on steroids

                          Comment

                          • bean-aid
                            So Fucking Banned
                            • Jun 2011
                            • 16493

                            #14
                            So it def. was the site transfer. Every time a transfer is initiated that file goes back to 644.

                            CCbill says that it must be set to 666 but when I asked my programmer he said it shouldn't matter. Obviously it does matter.

                            Anyone with programming experience with CCBill htpasswd file experience care to comment? My programmer just doesn't understand why a htpasswd file set at 644 can't be written to by CCBill but that, I have proven, to be a fact.

                            Comment

                            • Operator
                              So Fucking Banned
                              • May 2009
                              • 2419

                              #15
                              It doesn't sound malicious

                              Comment

                              • BSleazy
                                Confirmed User
                                • Aug 2002
                                • 6721

                                #16
                                jesus...
                                icq 156131086

                                Comment

                                • CyberHustler
                                  Masterbaiter
                                  • Feb 2006
                                  • 28750

                                  #17
                                  Dreamweaver has done that to me a few times... Tried changing permissions of one file and it ends up changing permissions of an entire directory instead somewhere else on my server.
                                  “If you can convince the lowest white man he’s better than the best colored man, he won’t notice you’re picking his pocket. Hell, give him somebody to look down on, and he’ll empty his pockets for you.”

                                  Comment

                                  Working...