No announcement yet.

FAQ displays primary parent level topics, but will not display children, returns 500 error

  • Filter
  • Time
  • Show
Clear All
new posts

  • Lynne
    I'm glad you figured out the problem.

    You realize you've been hacked though, right? So, you need to go through the following steps to secure your site.

    There are four steps to securing your site. If you don't do them all or you do them in the wrong order than you're still susceptible to being attacked again.

    Close the hole...
    This has three subparts in this instance.
    1. Delete your install folder
    2. Review your admin users and delete any that don't belong. Don't ban them. Don't make them regular users. Delete them.
    3. Close access to your AdminCP using .htaccess. Use either user authorization with a different username and password or IP address restrictions.

    Fill the Hole...
    There are seven subparts in this instance.
    1. Review your files for changes. You can do this under Maintenance -> Diagnostics.
    2. Delete any Suspect Files.
    3. Replace any files marked as "Does not contain expected contents"
    4. Scan your plugins for malicious code (exec, base64, system, pass_thru, iframe are all suspect keywords). Delete any you find.
    5. Repair any templates. Any templates that you don't have notes on changing, you need to revert. If you're using a custom style, it is best to delete your existing style and reimport from a fresh download.
    6. Update your Addon Products.
    7. Rebuild your datastores. You can use tools.php in the "do not upload" folder to do this. Upload it to your admincp directory, delete when done.

    Secure the Hole
    Parts of this were done by closing the hole but there are still things to do here.
    1. Keep notes of all changes you make to the system - what templates and phrases you change, what files belong to which addons, what plugins do the addons install.
    2. Consider using a separate Super Admin who has access to admin logs in the AdminCP. There should be only one Super Admin.
    3. Create a lower permission Administrator for every day use.
    4. Review your permissions in the system.
    5. Block off access to the includes, modcp, packages and vb folders via .htaccess. Deny All can work here, unless you use the ModCP. You need user authorization there.
    6. Move your attachments outside the forum root directory.
    7. Create a complete backup of your site. Make database backups weekly.

    You need to keep active on the security of the site.
    1. Give out the fewest permissions necessary for anyone to do their job
    2. Make sure your hosting provider updates the software.
    3. Update to the latest vBulletin when it is released.
    4. Make sure your addons are always up to date.

    Leave a comment:

  • Spark
    I disabled all plugins and products and couldn't figure out what was going on, then I noticed a bunch of "TEST" plugins under sphinx search. Guess what they contained? Kill commands for the FAQ. Sigh. Deleted them all and surprise - faq showed back up

    Leave a comment:

  • Spark
    Ah my mistake. I've been disabling them one at a time and haven't had any luck getting it to work. Frustrating!

    Leave a comment:

  • Mark.B
    vBadvanced is a modification.

    In the first instance, you need to disable ALL plugins to see if the error persists.

    Leave a comment:

  • Spark
    We don't use any mods. We have a couple plugins such as vBadvanced but otherwise the site is pretty much stock

    Leave a comment:

  • Lynne
    The error is from a modification. So, you would need to find that modification/plugin (it uses the global_start hook location) and fix it in order to get rid of the error.

    Leave a comment:

  • Spark
    Second bump, really could use any kind of help with this.

    Leave a comment:

  • Spark
    Follow up - when looking in global.php line 29 has apparently been depreciated. Commenting out that line fixes the FAQ, HOWEVER it shuts down the main page of the site which is built using vBAdvanced CPMS.

    Any help?

    Leave a comment:

  • FAQ displays primary parent level topics, but will not display children, returns 500 error

    Specific error from error log is
    [Sun Aug 17 19:27:37 2014] [error] [client] PHP Parse error: syntax error, unexpected $end in /srv/www/html/forums/global.php(29) : eval()'d code(1) : eval()'d code on line 1, referer:
    Not really sure what's going on here. I thought that it might be an html error in one of the child FAQ statements, but that doesn't seem to be the case.

    VB Version: 4.2.2 pl1 (upgraded hoping this would fix it)
    PHP 5.2.17
    Not sure the MySQL as it's late
    No addons that would effect this
    Occurs in default style
    Occurs in all browsers - error message is blank white screen
    Recreate issue: click on link above, select any topic.
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.