HelpDesk 18.03.2016 2471 Support Status: Closed Solution: Yes prosferatu
Hello,
I received this mail from server's antivirus:
PATH: /home*/*/public_html/ /var/www/html/ /usr/local/apache/htdocs/
RANGE: 1 days
TOTAL FILES: 4508
TOTAL HITS: 2
TOTAL CLEANED: 0
FILE HIT LIST:
{HEX}base64.inject.unclassed.6 : /home/*/*/help/operator/template/setting.php => /usr/local/maldetect/quarantine/setting.php.2938530106
{HEX}base64.inject.unclassed.6 : /home/*/*/help/operator/template/setting.php => /usr/local/maldetect/quarantine/setting.php.2418419826
Now I cannot reach the Settings/settings menu. Please help me with it. Thanks.
Thank you for opening a support ticket.
That is a firewall rule your host has set and is not a HelpDesk error. The Firewall rule will check for a file name and if base64_decode is called inside that file it will be blocked. Please ask them to cancel this rule or adapt it for that certain file.
base64_decode is a normal PHP function and should not be blocked. We are aware that certain hackers use that function to hide some of their code in their files, but your host should be able to detect this without blocking files that use that function in a good way.
Thanks. This will cause vulnerabilities in the future, but this is the only way to achieve the help desk goal -.-
Sorry, I don't understand why that should cause a vulnerability. As I explained above, there is nothing to worry about with base64 if it is used the proper way. Your host only needs to make an exception for that particular file or set up the firewall correctly from the beginning.
To prevent any future problems with misconfigured firewalls from certain hosting providers, we have adapted our code. You can update to 1.4.2 or higher and it should not happen again.
Important: you need to reset the settings and save them again.
Thank you very much.
thanks :) good luck in the future...
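The distinction raised in the thread, between base64_decode used to hide code and base64_decode used on ordinary data, sketched as an added example (it is not HelpDesk's code and not maldet's signature logic). The sink list, the regexes and the sample PHP are assumptions constructed for illustration.

```python
import base64
import binascii
import re

# Functions that run code or commands; decoded data reaching one is the risky case.
SINKS = "eval|assert|create_function|system|exec|passthru|shell_exec"
CALL_RE = re.compile(r"base64_decode\s*\(\s*(?:'([^']*)'|\"([^\"]*)\"|[^)]*)\s*\)")
SINK_RE = re.compile(r"\b(?:" + SINKS + r")\s*\([^;]*base64_decode", re.I)
CODE_RE = re.compile(r"<\?php|\b(?:" + SINKS + r")\s*\(", re.I)

def decode_literal(text):
    """Decode a base64 string literal; return None if it is not valid base64."""
    try:
        return base64.b64decode(text, validate=True).decode("utf-8", "replace")
    except (binascii.Error, ValueError):
        return None

def triage(php_source):
    """Return (line_number, verdict) for every base64_decode() call.

    'suspicious': the result feeds an execution sink in the same statement,
                  or a string literal decodes to PHP code.
    'review':     a plain data decode; worth a look, not grounds for quarantine.
    """
    findings = []
    for lineno, line in enumerate(php_source.splitlines(), 1):
        for match in CALL_RE.finditer(line):
            literal = match.group(1) or match.group(2)
            decoded = decode_literal(literal) if literal else None
            executed = SINK_RE.search(line) is not None
            hides_code = decoded is not None and CODE_RE.search(decoded) is not None
            verdict = "suspicious" if executed or hides_code else "review"
            findings.append((lineno, verdict))
    return findings

# Constructed sample, not the contents of HelpDesk's setting.php.
BENIGN = base64.b64encode(b"<div>Hello</div>").decode()
HIDDEN = base64.b64encode(b"<?php echo 'hidden'; ?>").decode()
SAMPLE = f"""<?php
$logo = base64_decode($row['logo_b64']);
$tpl = base64_decode('{BENIGN}');
eval(base64_decode($blob));
$p = base64_decode('{HIDDEN}');
"""

if __name__ == "__main__":
    for lineno, verdict in triage(SAMPLE):
        print(f"line {lineno}: {verdict}")
```

A line-based regex heuristic like this misses calls split across statements or reached through variables, so a "review" verdict still calls for reading the file before whitelisting it.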