Forum Post Assistant / FPA Discussion
Moderator: General Support Moderators
-
- Joomla! Fledgling
- Posts: 4
- Joined: Mon Apr 01, 2013 10:37 pm
Re: Forum Post Assistant / FPA Discussion
I'm trying to run de FPA on my site, but i can't get any results.
Turning on the diagnostic-mode is giving me the following message:
PHP Warning: readdir() expects parameter 1 to be resource, boolean given in /home/*****/public_html/fpa-en.php on line 1476
the script is in the same directory where joomla is installed, and all the folders seem to have the right permissions...
Any ideias?
Turning on the diagnostic-mode is giving me the following message:
PHP Warning: readdir() expects parameter 1 to be resource, boolean given in /home/*****/public_html/fpa-en.php on line 1476
the script is in the same directory where joomla is installed, and all the folders seem to have the right permissions...
Any ideias?
- PhilD
- Joomla! Hero
- Posts: 2737
- Joined: Sat Oct 21, 2006 10:20 pm
- Location: Wisconsin USA
- Contact:
Re: Forum Post Assistant / FPA Discussion
It is unable to read one or more directories. Do you have any set to less than 755? Perhaps your host set some malware directories to something like 000 or a hack set some odd permissions on directories?
PhilD
-
- Joomla! Fledgling
- Posts: 4
- Joined: Mon Apr 01, 2013 10:37 pm
Re: Forum Post Assistant / FPA Discussion
yeah... i want to run the fpa exactly because i need to figure out if i was hacked, so the odd permissions are always a possibility. I can't see any folders with permissions below 755 though, and everywhere i looked seemed right... but i'm looking only to the folders using the cpanel file manager.PhilD wrote:It is unable to read one or more directories. Do you have any set to less than 755? Perhaps your host set some malware directories to something like 000 or a hack set some odd permissions on directories?
Any suggestion of a way to check the folder/subfolder permissions? I would like to check if something is wrong before starting to make changes to files and folders...
- leolam
- Joomla! Master
- Posts: 20652
- Joined: Mon Aug 29, 2005 10:17 am
- Location: Netherlands/ Germany/ S'pore/Bogor/ North America
- Contact:
Re: Forum Post Assistant / FPA Discussion
As Phil asked also: Is your public_html folder set to '750' or '000' (means locked)
In general just install Admin Tools and have Admin Tools set for you all permissions automatically to 755 and 644 ina your entire site
Leo
In general just install Admin Tools and have Admin Tools set for you all permissions automatically to 755 and 644 ina your entire site
Leo
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
-
- Joomla! Fledgling
- Posts: 4
- Joined: Mon Apr 01, 2013 10:37 pm
Re: Forum Post Assistant / FPA Discussion
Oh, i didn't got that... sorry!
My public_html file is set to '750'. I figured out that i had another random (non-jomla) folder set to '000' from a previously failed upload or something.
I'm able to run JPA now, tanx for the hints!
I can't figure out anything wrong in the report, but i should create a different post for that, right?
My public_html file is set to '750'. I figured out that i had another random (non-jomla) folder set to '000' from a previously failed upload or something.
I'm able to run JPA now, tanx for the hints!
I can't figure out anything wrong in the report, but i should create a different post for that, right?
- PhilD
- Joomla! Hero
- Posts: 2737
- Joined: Sat Oct 21, 2006 10:20 pm
- Location: Wisconsin USA
- Contact:
Re: Forum Post Assistant / FPA Discussion
Yes, create a post in the appropriate forum so we can help.
PhilD
-
- Joomla! Intern
- Posts: 50
- Joined: Fri Aug 19, 2005 11:42 am
- Location: near Munich
Re: Forum Post Assistant / FPA Discussion
General question... I was hacked and had a few trojans in the /tmp folder. So I used fpa (and other check scripts) to find illegal files in my joomla root and subfolders.
What I have now are the following new mysql databases named "bf_core_hashes, bf_files, bf_folders,
bf_folders_to_scan und bf_scan_state" and I don't know if these came from fpa, or from the myjoomla.com a udit, or is this from the trojan I had, or or or ....!?
What I have now are the following new mysql databases named "bf_core_hashes, bf_files, bf_folders,
bf_folders_to_scan und bf_scan_state" and I don't know if these came from fpa, or from the myjoomla.com a udit, or is this from the trojan I had, or or or ....!?
You do not have the required permissions to view the files attached to this post.
Regards,
Heart
Heart
- PhilTaylor-Prazgod
- Joomla! Ace
- Posts: 1403
- Joined: Sat Aug 20, 2005 12:32 pm
- Location: Jersey, Channel Islands
- Contact:
Re: Forum Post Assistant / FPA Discussion
Tables prefixed with bf_ (and not your db prefix like jos_bf_*) are created by the myJoomla.com web service and be safely deleted at any time. They will be regenerated each time you run an audit using the security service at myJoomla.com
If you have any further questions about the service of myJoomla.com please contact me directly using the contact form on the website. I do not monitor this forum :-)
Kindest regards
Phil.
If you have any further questions about the service of myJoomla.com please contact me directly using the contact form on the website. I do not monitor this forum :-)
Kindest regards
Phil.
Phil Taylor
- https://mySites.guru - Manage Multiple Joomla/WordPress Sites In One Dashboard for Security, Audits, Backups and more....
- https://www.phil-taylor.com/
- https://mySites.guru - Manage Multiple Joomla/WordPress Sites In One Dashboard for Security, Audits, Backups and more....
- https://www.phil-taylor.com/
- PhilD
- Joomla! Hero
- Posts: 2737
- Joined: Sat Oct 21, 2006 10:20 pm
- Location: Wisconsin USA
- Contact:
-
- Joomla! Apprentice
- Posts: 41
- Joined: Mon Feb 05, 2007 11:21 am
Re: Forum Post Assistant / FPA Discussion
where can i download FPA ?
The links existing are just downloading a *zip file which is empty.
Thank you for your time reading this.
Regards,
the_observer.
The links existing are just downloading a *zip file which is empty.
Thank you for your time reading this.
Regards,
the_observer.
- leolam
- Joomla! Master
- Posts: 20652
- Joined: Mon Aug 29, 2005 10:17 am
- Location: Netherlands/ Germany/ S'pore/Bogor/ North America
- Contact:
Re: Forum Post Assistant / FPA Discussion
I confirm this and I have contacted the moderators on thisthe_observer wrote:The links existing are just downloading a *zip file which is empty.
Leo
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
- PhilD
- Joomla! Hero
- Posts: 2737
- Joined: Sat Oct 21, 2006 10:20 pm
- Location: Wisconsin USA
- Contact:
Re: Forum Post Assistant / FPA Discussion
The links are correct, but I think there is currently an issue with the zipball service of github.
PhilD
- leolam
- Joomla! Master
- Posts: 20652
- Joined: Mon Aug 29, 2005 10:17 am
- Location: Netherlands/ Germany/ S'pore/Bogor/ North America
- Contact:
Re: Forum Post Assistant / FPA Discussion
Thanks Phil for the prompt reply!
Leo
Leo
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
- PhilD
- Joomla! Hero
- Posts: 2737
- Joined: Sat Oct 21, 2006 10:20 pm
- Location: Wisconsin USA
- Contact:
Re: Forum Post Assistant / FPA Discussion
As a temporary measure while I sort the GitHub issues, I have uploaded a zip version of the FPA file and docs to the Forum Post Assistant / FPA topic in the 2.5 security forum.
http://forum.joomla.org/viewtopic.php?f=621&t=582860
File that is attached is named FPA-en-GB.zip
http://forum.joomla.org/viewtopic.php?f=621&t=582860
File that is attached is named FPA-en-GB.zip
PhilD
- PhilD
- Joomla! Hero
- Posts: 2737
- Joined: Sat Oct 21, 2006 10:20 pm
- Location: Wisconsin USA
- Contact:
Re: Forum Post Assistant / FPA Discussion
Update.
The normally reliable GitHub had some issues yesterday that affected some repositories. The FPA repository was one of those affected.
The links to the FPA Github download have been restored to the Forum Post Assistant / FPA topic in the 2.5 security forum. http://forum.joomla.org/viewtopic.php?f=621&t=582860
The normally reliable GitHub had some issues yesterday that affected some repositories. The FPA repository was one of those affected.
The links to the FPA Github download have been restored to the Forum Post Assistant / FPA topic in the 2.5 security forum. http://forum.joomla.org/viewtopic.php?f=621&t=582860
PhilD
-
- Joomla! Apprentice
- Posts: 22
- Joined: Fri Jan 30, 2009 10:10 pm
Re: Forum Post Assistant / FPA Discussion
I am attempting to run FPS for the first time on one of my sites and have run into the following error and I am not sure how to handle it and Google has been no help...
Array ( [0] => apache_child_terminate [1] => apache_request_headers [2] => apache_response_headers [3] => getallheaders )
Thanks for any assistance.
Array ( [0] => apache_child_terminate [1] => apache_request_headers [2] => apache_response_headers [3] => getallheaders )
Thanks for any assistance.
-
- Joomla! Apprentice
- Posts: 5
- Joined: Wed Jun 12, 2013 8:43 pm
Re: Forum Post Assistant / FPA Discussion
hi
i tried to run fpa from my browser and this the results
Parse error: syntax error, unexpected $end in /home/k4724275/public_html/fpa-en.php on line 5609
whats wrong?
i tried to run fpa from my browser and this the results
Parse error: syntax error, unexpected $end in /home/k4724275/public_html/fpa-en.php on line 5609
whats wrong?
-
- Joomla! Apprentice
- Posts: 16
- Joined: Sun Mar 03, 2013 6:06 pm
Re: Forum Post Assistant / FPA Discussion
Dear All,
In my WIMP (Windows/IIS/MySQL/PHP) stack, FPA always reports folder permissions as 777.
No matter what I do: Take ownership, make me the sole owner, give no one permissions but myself and even that, give myself only Read permission it still says: 777.
Can somebody confirm / replicate this?
Thank you,
---
Theodore.
In my WIMP (Windows/IIS/MySQL/PHP) stack, FPA always reports folder permissions as 777.
No matter what I do: Take ownership, make me the sole owner, give no one permissions but myself and even that, give myself only Read permission it still says: 777.
Can somebody confirm / replicate this?
Thank you,
---
Theodore.
- Per Yngve Berg
- Joomla! Master
- Posts: 30935
- Joined: Mon Oct 27, 2008 9:27 pm
- Location: Romerike, Norway
Re: Forum Post Assistant / FPA Discussion
The Windows File System does not have an access permission based on owner. Therefore it always shows 3 equal numbers.
-
- Joomla! Apprentice
- Posts: 16
- Joined: Sun Mar 03, 2013 6:06 pm
Re: Forum Post Assistant / FPA Discussion
Thank you for your reply.Per Yngve Berg wrote:The Windows File System does not have an access permission based on owner. Therefore it always shows 3 equal numbers.
Why then the numbers are 7 (Full Control) even if I only give Read-Only perms to the owner?
- PhilD
- Joomla! Hero
- Posts: 2737
- Joined: Sat Oct 21, 2006 10:20 pm
- Location: Wisconsin USA
- Contact:
Re: Forum Post Assistant / FPA Discussion
See this doc page for an explanation of windows file permissions and how to relate them to unix file permissions.
Most local development servers and the computers they run on are not intended or set up properly for permissions/ownerships and should not be used for live hosting.
The FPA reports the effective permissions that are seen by the php process run by the web server. So if it (FPA) reports 777 then that is the effective permissions seen by the web server installed on the computer. It can be a pain to properly setup the ownerships and permissions under standard windows installs and pass those permissions to the webserver properly.
Most local development servers and the computers they run on are not intended or set up properly for permissions/ownerships and should not be used for live hosting.
The FPA reports the effective permissions that are seen by the php process run by the web server. So if it (FPA) reports 777 then that is the effective permissions seen by the web server installed on the computer. It can be a pain to properly setup the ownerships and permissions under standard windows installs and pass those permissions to the webserver properly.
PhilD
-
- Joomla! Apprentice
- Posts: 16
- Joined: Sun Mar 03, 2013 6:06 pm
Re: Forum Post Assistant / FPA Discussion
There is no link but I believe you mean the following:PhilD wrote:See this doc page for an explanation of windows file permissions and how to relate them to unix file permissions.
...
http://docs.joomla.org/How_do_Windows_f ... ns_work%3F
So, you're saying that you (or somebody else) have tried FPA in an NTFS environment and found it to properly report permissions?
(Other than 777 obviously)
- PhilD
- Joomla! Hero
- Posts: 2737
- Joined: Sat Oct 21, 2006 10:20 pm
- Location: Wisconsin USA
- Contact:
- PhilD
- Joomla! Hero
- Posts: 2737
- Joined: Sat Oct 21, 2006 10:20 pm
- Location: Wisconsin USA
- Contact:
Re: Forum Post Assistant / FPA Discussion
I'm not going to claim to be any expert on permissions and acl settings in windows.
I believe the original author of the FPA did testing on Unix and IIs boxes and I believe the methods used are proven correct in those environments.
The FPA is written in php and uses a standard php calls for determining the effective permission levels, and ownerships, and reports the permissions as they are reported to the php process.
Running a *amp (xamp, wamp, etc) install under windows is vastly different than running an actual IIs server. *amp installs are not by default secure, nor are intended to be secure out of the box and are generally intended to be a development environment for testing. When running a *amp install, the ports of the apache server, mysql server, cgi, and php etc. are running on top of the windows install. Most windows do not have the correct settings for server use and the install will inherit the permissions, groups, etc. of the current user which are normally incorrect.
I believe the original author of the FPA did testing on Unix and IIs boxes and I believe the methods used are proven correct in those environments.
The FPA is written in php and uses a standard php calls for determining the effective permission levels, and ownerships, and reports the permissions as they are reported to the php process.
Running a *amp (xamp, wamp, etc) install under windows is vastly different than running an actual IIs server. *amp installs are not by default secure, nor are intended to be secure out of the box and are generally intended to be a development environment for testing. When running a *amp install, the ports of the apache server, mysql server, cgi, and php etc. are running on top of the windows install. Most windows do not have the correct settings for server use and the install will inherit the permissions, groups, etc. of the current user which are normally incorrect.
PhilD
-
- Joomla! Apprentice
- Posts: 16
- Joined: Sun Mar 03, 2013 6:06 pm
Re: Forum Post Assistant / FPA Discussion
I believe it so, but as I am sure you undertand, beliefs and hopes don't have any substance in this context do they?PhilD wrote: ...
I believe the original author of the FPA did testing on Unix and IIs boxes and I believe the methods used are proven correct in those environments.
...
I never ran an *amp install and never said I did. I said I am running a WIMP STACK!PhilD wrote: ...
Running a *amp (xamp, wamp, etc) install under windows is vastly different than running an actual IIs server. *amp installs are not by default secure, nor are intended to be secure out of the box and are generally intended to be a development environment for testing.
...
That is:
On a running Windows Server 2003 machine I installed IIS6 as per MS directions.
After that I installed MySQL.
After that I installed PHP, taking every care to install it properly and securely.
I never claimed papal infallibility either! I could very well be mistaken!PhilD wrote: I'm not going to claim to be any expert on permissions and acl settings in windows.
...
But somebody PROVE me wrong and I will happily shout: "Mea culpa!"
-
- Joomla! Apprentice
- Posts: 21
- Joined: Fri Jul 09, 2010 4:39 pm
Re: Forum Post Assistant / FPA Discussion
Found a minor bug in the code.
When pulling values out of the configuration.php file, it ignores if a value is inside a comment. I have one file that I can update for use locally or on the production server, so I have commented out a line that reads:
This line was immediately before the line used by the system.
For this reason, I wasn't getting any of the database info, since my hosting provider uses a db running at a different url.
Once I changed the order of these lines, then fpa picked up the correct value.
It should be easy to have preg_match detect a line starting with '//', but it might require removal of all /* ... */ comments before extracting information.
Hope this might help others who want to see info that is not coming thru.
WebMuse
When pulling values out of the configuration.php file, it ignores if a value is inside a comment. I have one file that I can update for use locally or on the production server, so I have commented out a line that reads:
Code: Select all
// public $host = 'localhost';
For this reason, I wasn't getting any of the database info, since my hosting provider uses a db running at a different url.
Once I changed the order of these lines, then fpa picked up the correct value.
It should be easy to have preg_match detect a line starting with '//', but it might require removal of all /* ... */ comments before extracting information.
Hope this might help others who want to see info that is not coming thru.
WebMuse
- PhilD
- Joomla! Hero
- Posts: 2737
- Joined: Sat Oct 21, 2006 10:20 pm
- Location: Wisconsin USA
- Contact:
-
- Joomla! Fledgling
- Posts: 1
- Joined: Sat Aug 17, 2013 7:09 am
Re: Forum Post Assistant / FPA Discussion
I have the same problem. Is there any solution?webolution wrote:I am attempting to run FPS for the first time on one of my sites and have run into the following error and I am not sure how to handle it and Google has been no help...
Array ( [0] => apache_child_terminate [1] => apache_request_headers [2] => apache_response_headers [3] => getallheaders )
Thanks for any assistance.
-
- Joomla! Apprentice
- Posts: 19
- Joined: Mon Aug 19, 2013 9:47 pm
Re: Forum Post Assistant / FPA Discussion
One of the sites I just inherited has definitely been compromised. I have downloaded the fpa tool and have been trying to run it.
Unfortunately rackspace has its cloud sites set to timeout after 30 seconds which dosnt seem to be long enough for the tool to run and return the results. I have tried to change the max execution time in the script itself but it turns out that no matter what I do with the php rackspaces load balancers are set to time out after 30 seconds. I can run this script as a cron job but I dont think I can see the output then.
Can anyone tell me how to modify the script so that it exports the results to a new file in the same dir as the script? that way I can visit that page and view the results after the script has run.
Unfortunately rackspace has its cloud sites set to timeout after 30 seconds which dosnt seem to be long enough for the tool to run and return the results. I have tried to change the max execution time in the script itself but it turns out that no matter what I do with the php rackspaces load balancers are set to time out after 30 seconds. I can run this script as a cron job but I dont think I can see the output then.
Can anyone tell me how to modify the script so that it exports the results to a new file in the same dir as the script? that way I can visit that page and view the results after the script has run.
-
- Joomla! Apprentice
- Posts: 9
- Joined: Tue Jul 30, 2013 6:58 am
Re: Forum Post Assistant / FPA Discussion
As of today those links tothe Github is not working. Is there any other place from where I can download the FPA?