CMS Made Simple Forums

All of our 1.9.4.1, 1.9.4.2 and 1.9.4.3 sites on TWO separate servers in two countries have gone down with the same error.

Parse error: syntax error, unexpected T_STRING in /home/website/public_html/index.php on line 253

They all went down at exactly the same time.

Our server guys advise that they have not made any PHP changes.

Is anyone able to give me some advice regarding what I should be looking for to fix this.

Thanks in advance.

This is most likely due to change in the default PHP versions - yes I'm saying that despite what your admins have told you.

You could try adding this line to the beginning of the .htaccess file - it works in some cases (depending on your hosting provider).

-S

Thanks for your response spcherub

This was caused by a 'spam links' footer virus that targets googlebot
Information about it can be found over here: http://www.google.com/support/forum/p/W ... b074&hl=en

line 253 of index.php was this: Removing it brought the sites back up.

We've also removed the malware code from admin/footer.php.

Now to find an effective way to scan each site for any further malicious code and to find a way to avoid it happening again.

If you are on shared hosting servers, you may want to inform the hosting provider of this incident. Sometimes holes in the security settings can allow other users to get access to your files.

Also there are some known security issues with the News module in the earlier versions of CMSMS, so you may want to upgrade all of them to 1.9.4.3. Doing the upgrade may also wipe out other locations where code may have been affected.

Finally you may want to run a System Verification (from the Admin panel). This will also let you know which code files are different from their as-distributed versions.

(I apologize for my earlier incomplete post - I realize that in my hurry I forgot to actually post the line of code for the .htaccess file!)