Hello, We belive a user of your service has gained unauthorized access to one of our servers. The details of this user taken from the ad_network_ads_189.txt file shows 1113101663|216.9.35.51|us82jsdd|400|900|4 Can you please investigate this users account, we will provide further information on which site the ads are running on(they are still there), we belive this user has gained things from your network because its running on one of our larger websites. Also, I want to signup with my own website, but it says my site url is in use, but its not me occupying that can you show me what email is using it or remove them, I can provide information that it is MY website. -Scott
Did someone take action in your case? I believe what your're saying. I had troubles ones before when I joined coop. When I tried to delete the textfile it was still on the server. Needed to contact my hosting company to remove it and a day later installed a new one. Still I'm using coop now, even there are recently strange movements with the weight which seems not normal.
Bit of friendly advice for anyone using the co-op. Move that text-file out of the public_html (www) folder. I suggest making a new folder at the same level as public_html and placing it in there. At the very least rename the text file to something weird. (obviously you also need to change the PHP code to reflect your changes )
whois on 216.9.35.51 Blacklist Status: Clear Whois History: 16 records stored Record Type: IP Address IP Location: United States - California - San Diego - Digital Point Solutions Reverse IP: No websites hosted using this IP address Reverse DNS: blink.digitalpoint.com -------------------------------------------------------------------------------- NetHere Inc. NETHERE-3 (NET-216-9-32-0-1) 216.9.32.0 - 216.9.47.255 Digital Point Solutions NTHR-DIGITAL-POINT (NET-216-9-35-48-1) 216.9.35.48 - 216.9.35.63
Must be due to the fact is you 777 it everybody can write to it right? So if a spammer finds all Co-op sites and figures out the location and name of the txt file he can write his links into it... Am I correct here or am I talking nonsense?
That was my thinking. However, I believe it depends how your server is set up to run PHP... (?) I seem to have it working just fine now with permissions set to 660 The advise I've read on this forum would suggest that you need to set it to 666 Which seems to me like anyone could write to it - either by writing their ads to it, writing some nasty text-links in there, or just plain writing TONS of garbage to your filesystem. Dunno - might well be talking sh!te I moved mine out of the public_html directory when I read that it needed to be set to 666 (before I had taken the time to have a good look at the code). I see no real reason to make it world-writable, tried 660 and it seems to be working just fine.
The minimal permissions would just need to be that the user the web server is running as can write to the .txt file. Truthfully, though, I'm not sure how effective it would be for a hacker to write their links to the .txt file, since the PHP file flushes those ads in a rotating fashion... so they would have to come back every day to re-add them. Also, of course make sure permissions to the PHP file are not writable by anyone except you.