Account Suspension

[solounaltronick]

Hi,

you have activated this account 3 days ago. Now i've logged in for the first time and have just uploaded a phpinfo file and a filemanager to upload and edit my files, but after some minutes it got suspended due to the upload of a phising website.

As you can probably check in your FTP log i've just uploaded 2 files, without any index. I can send them to you if you want to verify that it's not phising.

Thanks

---------- Post added at 04:34 PM ---------- Previous post was at 04:30 PM ----------

Oh, right, free users tickets are automatically posted in the forum.

 

[Livewire]

Don't panic about the publicly uploaded thing, the account details are only viewable by advocates and up anyways.

As for why it said phishing, I haven't got a darn clue. I'm firing an email off to the folks in charge of the auto-suspension templates; sounds like at some point -something- got seriously broken there, but you're 100% right - it -was- just a phpinfo.php. The file manager itself wasn't on there yet.


Fair warning with the file manager though; make sure you do password protect it somehow - having one in public counts as file hosting. Otherwise, the suspension's lifted, not sure what exactly triggered it though. If it does it again let us know!

 

[solounaltronick]

Hi,

the file manager is a really simple single file PHP file manager, with upload and edit functions, really useful for developers (syntax highlighting and so on), as you can directly edit files on the server without having to upload them every time via FTP.

The big problem with a public filemanager is that everyone can delete all my files. When i have to use it for short times I simply upload it with a name that nobody can guess (R-tz.php or similar) -with directory listing not enabled of course-, but when i decide to left it in my webspace i use an htaccess protected directory.

Anyway, this is what i've done:

1 - Uploaded phpinfo.php and saw that a file was being loaded with auto_prepend_file in all my pages
2 - Uploaded the filemanager
3 - Used the filemanager to see what was the content of that file (and was able to open it -of course-)
4 - Deleted the filemanager
5 - After some minutes i've reloaded the phpinfo and were shown a page with the suspension message

Don't know so much about your automatic suspension templates, but maybe there are some problems with the single file filemanager itself.

As said, i can upload it again if you need to check that it's not phising.

Thanks

 

[Livewire]

Nope, don't need to worry actually. The system logs what triggered it and what it picked up that said it was phishing; we had a similar issue with a different user a few days ago with a web file uploader too.

For curiosity, was yours named Webmin or Web Admin, with a copyright header saying 2004 near the top of the file?

 

[solounaltronick]

Yes.

http://cker.name/webadmin/ Here is where you can download that filemanager.

Do you know any alternative?

Thanks

 

[Livewire]

I actually just use cPanel's, but that explains it - that's the same filemanager the other user had when it called him on Phishing too >_<

I'll forward that on too; at minimum there's no reason it should be marked as Phishing


Other than cPanel's built in file manager (which can edit if you're not in the legacy one, although I don't think it has syntax highlighting), I haven't actually looked for one that much. I usually develop locally and upload to the server though - never really had a reason to modify it right on the server

 

[callumacrae]

Use FTP or cPanel File Manager

~Callum