[clug-talk] Website off-line? - Fixed I think

sgrover sgrover at open2space.com
Sat Jun 9 13:05:36 PDT 2007


I *think* it's fixed.  It's working for me at least.

It would appear an attempt to insert non-printing characters into a node 
that didn't exist (clug.ca/node/node/node/node/...n^x.../node/node/). 
This resulted in a messed up situation, that should have been a one 
off...  But we have page cacheing turned on, so the messed up bit was 
cached.  As soon as I disabled caching things started working fine again 
(for me).

I see Szemir is claiming to have fixed it, maybe so, but I think we were 
both working on it at the same time.. :)

Mitchel,
You missed the point.  Drupal is NOT the problem.  Your opinion of 
Drupal is based on a version that is 2 years out of date (Clug's site). 
  I guess you could have some experience with other Drupal sites from a 
management perspective, but you haven't given me that impression (yet).. :)

This is a case of known PHP and Drupal bugs, which were fixed in a 
timely manner, but not applied to the CLUG site.  So hackers and 
spammers were having fun trying things out.  It speaks volumes in favor 
of Drupal that even in this situation our site was not defaced, and it 
kept working just fine until a caching problem came up - even then, it 
was just a reported error, rather than something worse...

Shawn


Mitchell Brown wrote:
> Thanks Shawn. As I think many will agree - the site needs a complete 
> overhaul. Personally, you wouldn't get any complaints from me if we were 
> to completely drop Drupal altogether =/ But thats just mho.
> 
> On 6/9/07, *sgrover* <sgrover at open2space.com 
> <mailto:sgrover at open2space.com>> wrote:
> 
>     Here's the short of it.  The site is borked, kinda.
> 
>     If you get prompted with an "Access Denied" message, within the CLUG
>     theme (i.e. you can see the logo), then you can log in and everything
>     will be fine (granted you have a login account).
> 
>     If you get a message about a duplicate entry in the sessions table,
>     close your browser and try again - this *should* get you into the state
>     described above.  Failing that, try a different browser.
> 
>     Somehow, something has changed to deny access to the general public.
>     I've checked the access controls, and these are set right.  I'm
>     examining the drupal logs right now to see if I can figure out what
>     triggered this (and therefore hopefully how to fix it).
> 
>     My knee-jerk reaction was to clear the sessions table - it shouldn't be
>     critical.  So I did a backup first (after getting the passwords), and
>     wiped the table.  No Joy.  So there is something else going on.
> 
>     This is a Drupal problem.  Our host cannot be expected to fix this.  But
>     this is not really a Drupal bug either.  The version of Drupal in use
>     for Clug is now 2 years old, and the spammers/hackers have been taking
>     advantage of that...
> 
>     My goals:
>     - short term fix to get the site quasi accessible.  At least with the
>     Installfest notice up.  I'll have this part resolved in the next hour.
>     (worse case, I put up a static HTML page...)
>     - Fix the current site, if possible.
>     - Failing that, remove the current files/database from our host.  I've
>     mirrored the files and database to my local server and have it
>     operational there...  Then put up a cut down/basic version of the site.
> 
>     I've already talked to Kin about a Drupal workshop.  The idea being a)
>     provide the details to build a business/personal/group site, and b) get
>     a couple more folks in CLUG to know how to work with Drupal, so they can
>     help with the CLUG website.. hint, hint, nudge, nudge.. :)
> 
>     I'll have something done in the next hour.  I'll have a more permanent
>     solution (fixed site/new site) by this time tomorrow.
> 
>     Shawn
> 
>     Kin Wong wrote:
>      > Does anyone know who is hosting and how to contact them?  I have
>     a call into Dave but cell phone not currently on.  Shawn actually
>     told me about it this afternoon, but he does not have the database
>     password.
>      >
>      >
>      > ----- Original Message -----
>      > From: "Hendrik Schaink" <hschaink at infovisi.com
>     <mailto:hschaink at infovisi.com>>
>      > To: "CLUG General" < clug-talk at clug.ca <mailto:clug-talk at clug.ca>>
>      > Sent: Friday, June 8, 2007 5:51:55 PM (GMT-0700) America/Chihuahua
>      > Subject: [clug-talk] Website off-line?
>      >
>      > I received this message when trying to access www.clug.ca/events
>     <http://www.clug.ca/events>
>      >
>      > Fatal error: Duplicate entry '86ff3ce701e2e701215af86db98397fd'
>     for key
>      > 1 query: INSERT INTO sessions (sid, uid, hostname, timestamp) VALUES
>      > ('86ff3ce701e2e701215af86db98397fd', 0, ' 68.147.200.196
>     <http://68.147.200.196>', 1181346431) in
>      > /home/clug/public_html/includes/database.mysql.inc on line 66
>      >
>      > Also, trying to access www.clug.ca <http://www.clug.ca> comes
>     results in in a partial page
>      > indicating "Access denied" - "You are not authorized to access
>     this page."
>      >
>      > Hendrik Schaink
>      >
>      > _______________________________________________
>      > clug-talk mailing list
>      > clug-talk at clug.ca <mailto:clug-talk at clug.ca>
>      > http://clug.ca/mailman/listinfo/clug-talk_clug.ca
>      > Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
>      > **Please remove these lines when replying
>      >
>      >
>      > _______________________________________________
>      > clug-talk mailing list
>      > clug-talk at clug.ca <mailto:clug-talk at clug.ca>
>      > http://clug.ca/mailman/listinfo/clug-talk_clug.ca
>      > Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
>      > **Please remove these lines when replying
> 
>     _______________________________________________
>     clug-talk mailing list
>     clug-talk at clug.ca <mailto:clug-talk at clug.ca>
>     http://clug.ca/mailman/listinfo/clug-talk_clug.ca
>     Mailing List Guidelines ( http://clug.ca/ml_guidelines.php)
>     **Please remove these lines when replying
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> clug-talk mailing list
> clug-talk at clug.ca
> http://clug.ca/mailman/listinfo/clug-talk_clug.ca
> Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
> **Please remove these lines when replying



More information about the clug-talk mailing list