GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Has file permissions on your server ever change mysteriously? (https://gfy.com/showthread.php?t=1054833)

bean-aid 01-24-2012 11:19 PM
Has file permissions on your server ever change mysteriously?
 
Today, I went to check an htpasswd file that CCBill writes to on new sales. It needs to communicate with that file to generate the new user as well as update so user has access.

The file is supposed to be set at 666 and was done so on 12-24-11 by me because new members not being able to sign up, those that could somehow signup could not log in because that file was not written to.

Today, I checked the file again and it was back to 644.

This is not the first time i've noticed this anomaly. It has happened on other sites as well with this same exact file.

Has anyone had this happen to this file? Any ideas?

BSleazy 01-24-2012 11:21 PM
Whatever cms/script is probably doing that.

WarChild 01-24-2012 11:21 PM
Any chance the file was restored from backup? Is the sever totally unmanaged?

GFED 01-24-2012 11:23 PM
i've only had this problem with shared hosting from some places because they won't allow 666 or 777 permissions on files and require them to be 644 or 755. are you on a shared host?

Slappin Fish 01-24-2012 11:23 PM
my host changed files permissions once before without warming

porno jew 01-24-2012 11:25 PM
http://webrulon.com/wp-content/uploa...08/hackers.jpg

bean-aid 01-24-2012 11:30 PM
Quote:
Originally Posted by BCyber (Post 18710278)
Whatever cms/script is probably doing that.
It happened to me before on a different site, different server. I can't see how it is a script of mine... sites were totally different and totally different setup.

The only reason I check that file is from past experience with this same issue. When I see no sales for a period of time, which varies from the norm, I check that file.

It is an unmanaged server, nothing was restored.

BSleazy 01-24-2012 11:40 PM
Quote:
Originally Posted by beaner (Post 18710292)
It happened to me before on a different site, different server. I can't see how it is a script of mine... sites were totally different and totally different setup.

The only reason I check that file is from past experience with this same issue. When I see no sales for a period of time, which varies from the norm, I check that file.

It is an unmanaged server, nothing was restored.
If no scripts, cms's, backends (whatever you wanna call them) are the same then change all your passwords for everything and get a managed server. You might of been hacked. Shouldn't risk a money site on something unmanaged if you don't have a network admin that can deal with that shit.

bean-aid 01-24-2012 11:52 PM
Quote:
Originally Posted by BCyber (Post 18710304)
If no scripts, cms's, backends (whatever you wanna call them) are the same then change all your passwords for everything and get a managed server. You might of been hacked. Shouldn't risk a money site on something unmanaged if you don't have a network admin that can deal with that shit.
We will look into that... It's not managed by a host but certainly managed by a programmer who knows servers.

I posted to see if anyone else has had the same issue... I've seen it before on different site, different server, same file. Something triggers the change... it may be a hack but I am not leaning that direction. Will know more when it gets checked out.

bean-aid 01-25-2012 02:51 PM
Quote:
Originally Posted by BCyber (Post 18710304)
If no scripts, cms's, backends (whatever you wanna call them) are the same then change all your passwords for everything and get a managed server. You might of been hacked. Shouldn't risk a money site on something unmanaged if you don't have a network admin that can deal with that shit.
Do you think rsync 1 server to another server might set 666 file back to 644? I am in the middle of switching servers :( and it seems to have happened exactly at the start of the server transfer.

18teens 01-25-2012 03:45 PM
Quote:
Originally Posted by beaner (Post 18711900)
Do you think rsync 1 server to another server might set 666 file back to 644?
Yes, I've had it happen.

V_RocKs 01-25-2012 05:11 PM
check rsync setting for permissions switch

raymor 01-25-2012 05:18 PM
Do you have a secondary processor? One particular processor will hose your .htpasswd and .htaccess files with their default script.

Before fixing it next time, look at the ctime, or inide change time. That will tell you exactly when the change was probably made.

Also that can happen when you edit a file. Say you download it, change it, delete the old, then upload the new. The new file will have default permissions, 644. You should instead overwrite the old file without deleting it.

bean-aid 01-27-2012 12:21 AM
So it def. was the site transfer. Every time a transfer is initiated that file goes back to 644.

CCbill says that it must be set to 666 but when I asked my programmer he said it shouldn't matter. Obviously it does matter.

Anyone with programming experience with CCBill htpasswd file experience care to comment? My programmer just doesn't understand why a htpasswd file set at 644 can't be written to by CCBill but that, I have proven, to be a fact.

Operator 01-27-2012 12:56 AM
It doesn't sound malicious

BSleazy 01-27-2012 01:07 AM
jesus...

CyberHustler 01-27-2012 01:39 AM
Dreamweaver has done that to me a few times... Tried changing permissions of one file and it ends up changing permissions of an entire directory instead somewhere else on my server.


All times are GMT -7. The time now is 12:48 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123