I am running Zikula (1.1.1-dev) and need to upgrade to 1.1.2. How should I complete the upgrade? I already backed up the files and database. Simply copy the files to my web server? I could not find an upgrade patch if there is one for the rev I am running. I got hacked today. My web host provider says there is an exploit that changed my index.php file. I have the web site back up by replacing index.php but need to upgrade and shut the door, assuming the upgrade fixes the problem.
Thanks,
Joe...........
Zikula (1.1.1-dev) upgrade
-
- Rank: Softmore
- Registered: Jan 12, 2006
- Last visit: Mar 16, 2010
- Posts: 147
-
- Rank: Developer
- Registered: Jun 16, 2003
- Last visit: May 29, 2010
- Posts: 1966
first, if you do determine that Zikula or any third party module was at fault for the exploit, please report it immediately to the team here so it can be investigated and corrected. (larsneo is the resident security expert)
second, most exploits are not a result of Zikula but password problems (i'm not a security person, but others tell me so). So CHANGE YOUR PASSWORDS immediately. Your sysadmin should be able to review their server logs and deduce how the hacker got in.
I had a defacement hack take over my site about a year ago. lost all my files, but the database was intact. The problem was not Zikula (PostNuke at the time), but that the hacker had figured out my password and used it to hack my site.
third, you apparently used a -dev version of the product in a production environment. please know this is VERY STRONGLY DISCOURAGED.
fourth, since you were using an incomplete version of 1.1.1, I suggest you delete all the files (except config.php and third-party modules) and replace them all with 1.1.2 files. The 'upgrade' process from 111>112, was simply a file replacement, but using just the official 'patch' might miss a few files that would have changed from 111-dev>111(official). SO, I recommend replacing ALL the files. There were no database changes in that upgrade.
fifth - be sure to upgrade all the modules to the latest versions also.
craig -
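An added example, not part of the original posts and not Zikula project code: before replacing files as the post above suggests, hashing the live site against a clean unpacked release shows which files were altered and which files are not part of the release at all, since the latter survive a plain overwrite and can sit inside the third-party module directories that are kept. The trees built in `demo()` are constructed sample data, and matching `config.php` by file name is an assumption.

```python
import hashlib
import tempfile
from pathlib import Path

KEEP = {"config.php"}  # assumption: site config is preserved, as the post advises

def tree_hashes(root):
    """Map each file's path relative to root to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}

def compare(release_dir, site_dir, keep=KEEP):
    """Classify live files against a clean unpacked release tree."""
    clean, live = tree_hashes(release_dir), tree_hashes(site_dir)
    report = {"modified": [], "unknown": [], "kept": [],
              "missing": sorted(set(clean) - set(live))}
    for rel, digest in sorted(live.items()):
        if Path(rel).name in keep:
            report["kept"].append(rel)       # expected to differ, review by hand
        elif rel not in clean:
            report["unknown"].append(rel)    # survives a plain overwrite
        elif clean[rel] != digest:
            report["modified"].append(rel)   # fixed by replacing the file
    return report

def write_tree(root, files):
    for rel, text in files.items():
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(text)

def demo():
    """Constructed trees: a clean release and a live site with changes."""
    with tempfile.TemporaryDirectory() as tmp:
        release, site = Path(tmp, "release"), Path(tmp, "site")
        write_tree(release, {"index.php": "<?php // clean",
                             "config.php": "<?php // defaults",
                             "includes/api.php": "<?php // api",
                             "includes/new.php": "<?php // added in release"})
        write_tree(site, {"index.php": "<?php // clean\n// altered",
                          "config.php": "<?php // site settings",
                          "includes/api.php": "<?php // api",
                          "modules/Forum/extra.php": "<?php // not shipped"})
        return compare(release, site)

if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

Legitimate third-party modules also show up under `unknown`, so that list is a review queue to check against each module's own download, not a verdict.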
- Rank: Team Member
- Registered: Sep 06, 2006
- Last visit: May 09, 2010
- Posts: 2446
Check your module versions too, an outdated extension seems to be the problem to me.
-dev versions are not discouraged if you're testing, but once the official release is out, you have to update the files.
--
- Mateo T. -
My principles... are my ends -
- Rank: Softmore
- Registered: Jan 12, 2006
- Last visit: Mar 16, 2010
- Posts: 147
I have multiple sites running and not all are getting hit. One is a very new install of the latest Zikula. I took a look at all the modules active on the site getting hit but I could find no easy source to tell me what rev each module should be running so I pulled up the site I just installed with 1.1.2 and did a side by side look at all modules and the rev. I deactivated all modules that looked to be running outdated revs yesterday and this morning I was hit again so it is not one of the modules. I have two other admin for the affected site and have asked them to change PW.
So to upgrade to 1.1.2 from where I am simply delete the old files from the server and replace with the 1.1.2 files?
That sounds easy enough. I have a full database backup complete plus all the current files.
Joe............. -
- Rank: Developer
- Registered: Jun 16, 2003
- Last visit: May 29, 2010
- Posts: 1966
Quote
I have two other admin for the affected site and have asked them to change PW.
to be clear, I was referring to your ftp/shell/cpanel password, not your zikula password, although, you should probably change all of them.
Yes, I believe that will work in your case. I would regenerate your module list and check for new module versions when complete to be sure.
Quote
So to upgrade to 1.1.2 from where I am simply delete the old files from the server and replace with the 1.1.2 files?
As always, keep backups of everything so you can revert if something fails.
The whole thing still sounds like a root (non-zikula) problem to me. be sure to work with your host and look through their logs to see if you can figure out what is happening. -
- Rank: Softmore
- Registered: Jan 12, 2006
- Last visit: Mar 16, 2010
- Posts: 147
The upgrade to Zikula worked but now all my news articles are missing and the forum is broken.
I'll start different threads to deal with those issues.
Joe.......... -
- Rank: Developer
- Registered: Jun 16, 2003
- Last visit: May 29, 2010
- Posts: 1966
you'll likely need to upgrade both those modules. I suggest installing the latest version of each. -
- Rank: Softmore
- Registered: Jan 12, 2006
- Last visit: Mar 16, 2010
- Posts: 147
I did upgrade the news module and PNphpBB2 to the latest rev.
Joe.......... -
- Rank: Softmore
- Registered: Jan 12, 2006
- Last visit: Mar 16, 2010
- Posts: 147
OK this is getting very frustrating. The site is getting hacked multiple times a day. The index.php file gets modified. I fix the site by uploading the index.php file overwriting the hacked one. Passwords have been changed. I guess it is time to start digging through raw access logs.
Joe............. -
- Rank: Developer
- Registered: Jun 16, 2003
- Last visit: May 29, 2010
- Posts: 1966
craigh
Your sysadmin should be able to review their server logs and deduce how the hacker got in.
JoeMcLaughlin
I guess it is time to start digging through raw access logs.
you probably should have started there. do you have a sysadmin or host? are you hosting for yourself?
again, make sure you change your ftp/shell/cpanel password - your zikula password won't matter much in this case. if you deleted all the files on your site and replaced them, then it seems logical that they have your password. -
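An added example, not part of the original posts: one way to start on the raw access logs discussed above is to take the modification time of the altered index.php and list the HTTP requests in the minutes before it, with POST/PUT requests first. The log lines, addresses, paths and timestamp are constructed sample data in Apache combined format; an empty window suggests the change did not arrive over HTTP, which points to the FTP, shell or control-panel logs instead.

```python
import os
import re
from datetime import datetime, timedelta, timezone

LINE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                  r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')

# Constructed sample log (documentation IP ranges, made-up paths).
SAMPLE_LOG = """\
192.0.2.10 - - [12/Mar/2010:09:58:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Mar/2010:10:02:44 +0000] "POST /modules/Example/tmp.php HTTP/1.1" 200 17 "-" "-"
192.0.2.10 - - [12/Mar/2010:10:03:10 +0000] "GET /themes/site/style.css HTTP/1.1" 200 900 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Mar/2010:10:20:00 +0000] "GET /index.php HTTP/1.1" 200 5300 "-" "Mozilla/5.0"
"""

def mtime_utc(path):
    """Modification time of a file as a timezone-aware UTC datetime."""
    return datetime.fromtimestamp(os.stat(path).st_mtime, tz=timezone.utc)

def requests_before(log_text, modified_at, window_minutes=10):
    """Requests in the window ending at modified_at, write-capable methods first."""
    start = modified_at - timedelta(minutes=window_minutes)
    hits = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        if start <= ts <= modified_at:
            hits.append({"time": ts, **m.groupdict()})
    hits.sort(key=lambda h: (h["method"] not in ("POST", "PUT"), h["time"]))
    return hits

if __name__ == "__main__":
    # Constructed timestamp; on a real site use mtime_utc("index.php").
    changed = datetime(2010, 3, 12, 10, 4, 0, tzinfo=timezone.utc)
    for hit in requests_before(SAMPLE_LOG, changed):
        print(hit["time"], hit["ip"], hit["method"], hit["path"], hit["status"])
```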
- Rank: Softmore
- Registered: Jan 12, 2006
- Last visit: Mar 16, 2010
- Posts: 147
This is an old thread. I ended up rolling the site back from backup to restore everything. This site is still running 1.1.1-dev. I need to upgrade it. Is 1.2.3 compatible with PNphpBB2?
Joe........... -
- Rank: Moderator
- Registered: Mar 15, 2005
- Last visit: May 30, 2010
- Posts: 1077
Yes. I'm running pnphpbb2 under 1.2.3, though I have a lot of hacks... I'm certain it works normally. You will need to upgrade to the latest SVN version because it has bug fixes for datetimebrief (and prolly others) that are needed for 1.2.3. -
- Rank: Softmore
- Registered: Jan 12, 2006
- Last visit: Mar 16, 2010
- Posts: 147
I created a test site with copies of everything then performed the upgrade. Everything looks to be working but I do see the Posted: datetimebrief problem.
Joe............
