heycm Posted September 28, 2014 Posted September 28, 2014 SERVER: stevieUSER: ufniDOMAIN: ufnpsi.com Hey, I checked back in to see what script it was and my account was suspended again. I was under the apparently mistaken impression that I had removed all web access from the proxy script, but I'll just take it off the server. Please unsuspend so I can FTP in. Thanks,Michael
wolstech Posted September 28, 2014 Posted September 28, 2014 As expected, it was high server load...you've been suspended for this numerous times now. Removing web access to that proxy won't fix it, as your personal use is probably the cause of the load. Please remove the proxy entirely; we normally only give people 2 chances to fix load issues, and this is easily your fourth or fifth. You may not get unsuspended if this happens again. Your account has been unsuspended again.
heycm Posted September 28, 2014 Author Posted September 28, 2014 Okay, well it's not my personal use. I have now taken it off the server. I'd like to know how it was accessed if you believe it was being accessed internally somehow. I don't use it personally. It didn't work, so I removed web access and made a XAMPP test server on my win machine, using the local mirror as the directory structure. I gave up on using the TPB proxy since I now use alternate methods which circumvent my ISP. I reiterate: I DO NOT USE IT PERSONALLY; IT NEVER WORKED, but if you'd like to tell me who is using it (could it be a robot?), please FWD your IP access logs, since I don't think those are available on the cPanel. I have not used it since it started breaking many months ago and that was when I removed web access by removing web access via the domain/directory mapping in the cPanel virtual directories. Besides, without shell access, how exactly is one to use a script sans web access do you suppose? Did you update your bash shells? There's been a bug since 1.4 you know. Thanks,Michael
hussam Posted September 28, 2014 Posted September 28, 2014 Regarding the bash bug, not trying to say it is not a major bug because it is indeed a huge bad one.However, they don't allow ssh or php functions that can execute processes at heliohost so we are basically more or less safe.I recompiled bash on my computer up to the 4.3.027 patchset.There is no privilege escalation issue here, only a bug where bash can execute code it is not supposed to at the privilege of the service issuing the shell commands.
Recommended Posts