I love this script, but 3 times now my hosting provider has disabled my site, saying there are security problems with the scripts I am using. I have reduced the site down to eFiction and yet they still do it. Here is part of the support ticket notifying me of the site shutdown.
This e-mail is in regards to the ticket # 2****** that was submitted. Please be advised that the below specified files have been disabled due to being compromised and exploited to send abuse content via our systems:
./public/stories/admin.php
./public/stories/admin/categories.php
./public/stories/admin/characters.php
./public/stories/admin/classifications.php
./public/stories/admin/custpages.php
./public/stories/admin/mailusers.php
./public/stories/admin/maintenance.php
./public/stories/admin/members.php
./public/stories/admin/noletter.php
./public/stories/admin/stories.php
./public/stories/admin/validate.php
./public/stories/admin/versioncheck.php
./public/stories/admin/viewlog.php
./public/stories/admin/yesletter.php
./public/stories/authors.php
./public/stories/blocks/info/info.php
./public/stories/bridges/SMF/QueryString.php
./public/stories/bridges/SMF/blocks/info/info.php
./public/stories/bridges/SMF/profile.php
./public/stories/bridges/default/editbio.php
./public/stories/bridges/default/lostpassword.php
./public/stories/bridges/default/profile.php
./public/stories/bridges/eFic2eFic/editbio.php
./public/stories/browse.php
./public/stories/contact.php
./public/stories/includes/class.TemplatePower.inc.php
./public/stories/includes/corefunctions.php
./public/stories/includes/deletefunctions.php
./public/stories/includes/emailer.php
./public/stories/includes/phpmailer_include.php
./public/stories/includes/seriesblock.php
./public/stories/includes/smtp_include.php
./public/stories/includes/storyblock.php
./public/stories/includes/storyform.php
./public/stories/includes/upload_class.php
./public/stories/languages/en_admin.php
./public/stories/modules/challenges/browse.php
./public/stories/modules/challenges/challenges.php
./public/stories/modules/challenges/challengesby.php
./public/stories/reviews.php
./public/stories/search.php
./public/stories/series.php
./public/stories/stories.php
./public/stories/stories/default.php
./public/stories/user/contact.php
./public/stories/user/lostpassword.php
./public/stories/user/manageimages.php
./public/stories/user/profile.php
./public/stories/user/reviewsby.php
./public/stories/user/revreceived.php
./public/stories/user/revres.php
./public/stories/user/stats.php
./public/stories/viewpage.php
./public/stories/viewseries.php
./public/stories/viewstory.php
./public/stories/viewuser.php
Please locate and disable any insecure files, review all code/content for further vulnerabilities, and we strongly recommend that you change the password for your WebsiteOS and other account passwords. You should also scan all computers with updated scanning software. Once this is done, please return to BUCE for notification.
I am extremely upset and have followed the installation instructions for the script to the letter to make sure I got all the file permissions right but still they disable all my work.
Aw, I'm sorry they did this to you.
due to being compromised and exploited to send abuse content via our systems
Does this mean you have been hacked? Perhaps you can replace the old files with new files from a brand new eFiction install. Failing that, would they be specific and tell you WHAT code has been exploited?
Available for skin/mod commission!
I cannot see the hack and they won't provide me with proof of a hack... Upon further communication they told me I am using a forbidden script because of a number of exploits that can be executed through the script... not sure what they mean for sure. No real specifics.
Which version of eFiction are you using? I'd love to say that the script is 100% secure, but that would be bull since there are always new hacks. We are a pretty secure script though. However, from the list of files they've disabled, I'd say they're full of it. There's no rhyme or reason for what files they've disabled. Many of these are included files that won't run at all unless called from within the parent file (in many cases a specific parent file!). Only a couple deal with e-mailing at all.
Did you turn CAPTCHA on? My best guess is that someone used the contact form to send spam to your users if you didn't have it protected by the CAPTCHA. I would ask for specific information about what was sent from your account. Ask them to forward one of the messages. All the messages from eFiction contain a footer at the bottom that identifies where it's from.
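Added example, not part of the thread and not eFiction code: one way to follow up on the fresh-install suggestion above is to hash every PHP file in the live site and in a freshly unpacked copy of the same version, then list the files that differ or were never shipped. The function names and the two sample trees are constructed for illustration.

```python
import hashlib
import os
import tempfile

def sha256_of(path):
    """Hash a file in chunks so large files are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def php_hashes(root):
    """Map relative path -> SHA-256 for every .php file under root."""
    out = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(".php"):
                full = os.path.join(dirpath, name)
                out[os.path.relpath(full, root).replace(os.sep, "/")] = sha256_of(full)
    return out

def compare_install(live_root, fresh_root):
    """Return (modified, extra, missing) PHP files, live site vs. fresh copy."""
    live, fresh = php_hashes(live_root), php_hashes(fresh_root)
    modified = sorted(p for p in live if p in fresh and live[p] != fresh[p])
    extra = sorted(p for p in live if p not in fresh)  # never shipped: review first
    missing = sorted(p for p in fresh if p not in live)
    return modified, extra, missing

def build_constructed_sample(base):
    """Create two small constructed trees (placeholders, not real eFiction files)."""
    trees = {
        "fresh": {"contact.php": "<?php // contact form\n",
                  "includes/emailer.php": "<?php // mailer\n"},
        "live": {"contact.php": "<?php // contact form\n",
                 "includes/emailer.php": "<?php // mailer, edited\n",
                 "images/added.php": "<?php // not in the fresh copy\n"},
    }
    for tree, files in trees.items():
        for rel, body in files.items():
            path = os.path.join(base, tree, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write(body)
    return os.path.join(base, "live"), os.path.join(base, "fresh")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        result = compare_install(*build_constructed_sample(tmp))
        for label, paths in zip(("modified", "extra", "missing"), result):
            print(label, paths)
```

Files created at install time, plus any installed mods or skins, will legitimately show up as extra or modified, so the output is a list to review by hand, not a verdict.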
