IMPORTANT. Dolphin 6.1.3 Security Patch Release
The Dolphin 6.1.3 Security patch is released. This patch fixes vulnerabilities when the PHP setting "register_globals" is on.
Hence, it covers much code re-work overall. This patch should be applied only to 6.1.2 (no earlier versions) to move to 6.1.3 using these instructions. You are recommended to apply it, even though you have applied solutions provided by other members here, as this is more comprehensive.
For those who are taking steps by upgrading from earlier versions up to the latest release above, please make sure that "register_globals" is set to OFF on your host.
See All ›
About BoonEx•Contacts•© BoonEx (ACN 127966581)
Or maybe i dont have to use this, cause my registerd_globals are setted to off, this means i dont need it, right?
Cheers,
Jerry
just to clarify, although this patch makes it safer for dolphin site on hosts with register globals on. boonex still recommend, (as it is much safer all round) to choose a host with register globals off.
That was quick easy and painless... now let's see what the hackers do to counter.
many thanks from germany!
On another but related subject... I checked my 'cache' folder and found a sub-folder named "PPP" which contains two "acct.php" and "index.html" files.
Are these normal? I have tried to download a copy and delete the files from my server but i can't do it.
Also, I have deleted the files under the 'cache' folder" just for my own security measure. is this OK.
Please advise.
1) What shall I do/change to delete these files?
2) How could i transmit you the 'unknown' files?
thanks and let me know.
That map is owned by the server, thats the reasons you can't delete or rename it.
Warning: fopen(/MYSITE/orca/conf/params.conf): failed to open stream: Permission denied in /MYSITE/orca/inc/util.inc.php on line 263
Warning: Cannot modify header information - headers already sent by (output started at /MYSITE/orca/inc/util.inc.php:263) in /MYSITE/orca/inc/util.inc.php on line 36
Warning: Cannot modify header information - headers see more
Patch will not erase viruses :)
You should clean your dolphin before
We recommend HFW just because this is very stable and allow change all params just using .htaccess file (use php_flag register_globals Off here)
It will take you to http://www.boonex.com/trac/dolphin/wiki/6.1.2to6.1.3 Where the directions and links to patches are.
I use firefox 3... Dolphin updated from 6.1.2 to 6.1.3 before the patch no problems...
Warning: Cannot modify header information - headers already sent by (output started at /home/harry2/domains/hobipoint.nl/public_html/inc/header.inc.php:1) in /home/harry2/domains/hobipoint.nl/public_html/inc/design.inc.php on line 633
Warning: Cannot modify header information - headers already sent by (output started at /home/harry2/domains/hobipoint.nl/public_html/inc/header.inc.php:1) in /home/harry2/domains/hobipoint.nl/public_html/inc/design.inc.php on line see more
Sounds like you might have omitted the line where you should insert a new.
1 little line or missed file could potentially cause errors or problems. The good news with this one is no database updating.
I'd double check the instructions and back trace all your steps for starters.
Warning: require_once(BX_DIRECTORY_PATH_INCprofiles.inc.php) [function.require-once]: failed to open stream: No such file or directory in /home/connect/public_html/admin/index.php on line 26
Fatal error: require_once() [function.require]: Failed opening required 'BX_DIRECTORY_PATH_INCprofiles.inc.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/connect/public_html/admin/index.php on line 26
And this under Orca
Warning: require_once(BX_DIRECTORY_PATH_ROOTgroups/orca/layout/uni/params.php) see more
are here present line
define('BX_DIRECTORY_PATH_INC', $dir['inc']);
and
define('BX_DIRECTORY_PATH_ROOT', $dir['root']);
?
Help!
Stuart
I built a brand new Dolphin upgraded all the way from 6.1.1 to 6.1.3 had no problems. Forgot to update the header.inc.php and guess what error I got :) Updated language files no problem. I am currently running RG_off.
When I did the upgrade on GGsite all went fine but I am still being punched :) IT DID tweek the attack thou...I'll send you the Log File. Still No Infections!