Blog articles

Blog articles (24)

Blog articles

Using OSE Credit with Page break for online book websites

This blog article shows you an example of using OSE Credit with the Pagebreak plugin developed by MyJSpace to create an effect that, after reading two pages of your article, the user is shown the credit top-up messages.

After installing OSE Credits and configure it with the ReadMore function of your editor as follows (we use K2 and JCE editor here)

OSE Credit Case 1

Your article will look like this in front:

OSE Credit Case

To show a page break in the frontend, please download this plugin, which was originally developed by MyJSpace, and enable the plugin, and ensure that it is at the last order of the Content plugin group.

The page break orignally looked like this before the plugin is enabled:

OSE Credit case

After the plugin is enabled, the page break will look like this

OSE Credit case

The article shows two pages of the e-book / blog to the user, and at the last page, users have to topup their credits to continue reading on the article:

OSE Credit case

That's it, good luck in your online business!

Read more...

Gumblar .cn Exploit-12 Facts About This Injected Script

We recently are doing research working papers on the web-virus and come to this wiki and  this article which we found is useful for all users who would like to know more about how a website is infected due to the virus in your own computer. This virus is called 'Gumblar.cn'. The basic logic of the virus is to 'steal' the login credentials of your ftp and log in to the ftp server, inject the index files like 'index.php', 'default.php' or all php files with base64 decoded codes, so your website is infected and silently force a download of the virus to the client's computer when they access your website. Here we write down the summaries the author's findings:

1 Infected web pages contain a script that looks like this

How Malicous Codes Look Like

2 Every infected site has it’s own modification of the script. However every modification has common parts and can be easily identified as the gumblar .cn script.

How Malicous Codes Look Like

3 When the script is executed (every time someone visits the infected web page),  another script from “gumblar . cn/rss/” is silently loaded and executed.

4 This code is usually injected right before the <body> tag.  I saw a web page with eight(!) <body> tags (yeah, invalid HTML) and the gumblar scripts were injected before each of them.

5 Sometimes I encounter this script on sites infected with the malicious iframes that I reviewed in my recent posts. So this exploit may use the same infection technique. And probably the same clean up steps may be applied.

6 Unlike the recent iframe exploits, where the malicious code was only injected into files with most common filenames (e.g. index.html, index.php, etc.) this gumblar script is injected into every web page.

7 This script is also injected into .js (JavaScript) files. Usually at the very bottom.

8 Maybe it’s just a coincidence but about 95% of the infected sites used PHP. It is not possible to say for sure if the rest sites used PHP. Who knows.

9 This exploit doesn’t use some particular script vulnerability. I encountered it on phpBB, SMF and vBulletin forums, on WordPress 2.7.1 blogs, on proprietary PHP sites.

10 Some people reported that the following code is injected into PHP files: 

 How Malicous Codes Look Like

The base64-encoded part is this gumblar .cn script.

This PHP code, it’s structure and variable names are the same as in the infamous fake Yahoo counter exploit. Only the injected javascript is different. Maybe it was created by the same people, or maybe just the same exploitation kit was used.

11 This is not a server-wide exploit. I checked several servers with infected sites. Most of the neighbor sites were clean.

12 Gumblar .cn domain is currently blacklisted by Google.
Removal

Most likely this exploit is caused by compromised FTP credentials. So start with your own computer. Scan it for spyware. Some people reported good results with Malwarebytes.

Then (from a clean computer) change FTP passwords.

Try not to store them inside programs that you use to upload files to a server.

Whenever possible use secure connections. I.e. use SFTP instead of plain FTP. Many shared hosting plans include SFTP.

Finally, remove the malicious code from all server files (.html, .php, .js, etc.). The easiest way to do it, is replace them with clean files from a backup.

Read more...

How to install FILEINFO in WHM?

This tutorial shows how to install FILEINFO module in your WHM server.

First, please login your WHM panel, once logged in, please access the Easy Apache module

WHM Fileinfo Installation

Then select the 'Previously Saved Config' and start to configure the profile

WHM Fileinfo Installation

In the Apache version selection page, please choose the version you would like to use in your server

WHM Fileinfo installation

In the PHP version selection page, please choose version 5.3 or above, as FileInfo is available to version 5.3.X or above only.

WHM Fileinfo installation

Next, in the Short Option List page, please click the Exhausive Option List button to continue

WHM Fileinfo installation

In the Exhausive Option List, please scroll down until  you see the Fileinfo and Check the option. Then save and build the Apache server again.

WHM Fileinfo installation

Read more...

On the list again - WordPress Spam Plugins 2012

OSE Firewall is becoming more and more popular. It is on the list again! Here is the reference:

http://www.wptemplate.com/plugins/wordpress-spam-plugins-2012.html/

Wordpress- a wonderful platform for your beautiful and free websites exactly the way you want them, hassle free. You can make new pages, create categories and tags, design your very own blog with numerous options of design templates to choose from and infinite colors for the dashboard and the homepage. With over 18,000 plugins, you do not have to worry about spam, your online backup, protection against sploggers, attacks and hackings. Here are a few of the most popular and widely used spam plugins of 2012, enabling you to extract the best use from WordPress.

Read more...

We are on the list! - 30 Useful WordPress Plugins for Web Developers

We are on the list of 30 useful Wordpress plugins for web developers!

Reference: http://www.freshtheme.net/30-useful-wordpress-plugins-for-web-developers.html

WordPress is certainly one of the most feature rich and user-friendly publishing platforms available today due to the support and availability of huge number of plugins. Also with so many plugins available finding the best WordPress plugins is hard and time-consuming.

This post is featuring 30 fresh WordPress plugins that you will find quite helpful while developing your next web projects.

Read more...

JFolder::create: Could not create directory

When you encounter the following error during Joomla installation:

JFolder::create: Could not create directory
Warning: Failed to move file!

JFolder Create Error 

Please check the 'Path to Temp Folder' in your Joomla Configuration section:

Link: www.yourwebsite.com/administrator/index.php?option=com_config

JFolder Create Error

This is where the configuration went wrong and caused the issue. If you do not know what is the correct path and you have OSE Security Suite installed to protect your Joomla website, please go to OSE Security Suite --> OSE Anti-Hacker --> Activation, the activation section shows the activation codes, where the correct absolute path of your website can be shown there, e.g.

JFolder Create Error

In the above example, the path is: "/home/osetesting1234/htdocs/osesecurity/administrator/scan.php". This means the absolute path of your Joomla website is: /home/osetesting1234/htdocs/ (please note the path will be different from this example in your case) .

Now, please go back to your Joomla website, and enter the following path to the 'Path to Temp Folder' in your Joomla Configuration section: /home/osetesting1234/htdocs/tmp. This will resolve the issue.

Read more...
Subscribe to this RSS feed

ALL TRANSACTIONS ARE PROCESSED IN PAYPAL AND THE FOLLOWING CREDIT CARDS ARE ACCEPTED.

paypal-curved-32px visa-curved-32px visa-electron-curved-32px mastercard-curved-32px delta-curved-32px maestro-curved-32px discover-curved-32px solo-curved-32px switch-curved-32px google-checkout-curved-32px Secure Shopping

Satisfaction Guaranteed Best Web Tool