Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
#1 2017-04-13 19:06:53
- superbiate
- Member
- Registered: 2017-03-14
- Posts: 14
Login Spontaneously Stopped Working
Hi all,
After a recent TXP update to bring everything up to modern standard and clear all bugs, life has been good. But then just today – while editing an article – I found myself ejected from the backend and forced to log back in. And that’s when it gets stranger: my login (admin, and the only active account) was denied!
I’ve made no changes to the server config, nor to Txp. What gives? Any wisdom here would be deeply appreciated.
Offline
Re: Login Spontaneously Stopped Working
If you can’t log in like that, two likely scenarios:
- Stale / mangled cookie – try deleting any
txp_login
cookie(s) then attempt logging in again. - Someone else has changed your password: panic!
For the second option, you’ll need to reset your password via MySQL (phpMyAdmin or equivalent):
update txp_users set pass=password('your-pass') where name='your-user';
Once you get back in, check your Admin->Diagnostics to verify that no files have been tampered with. If they have, you’ll need to re-upload a clean Txp from a fresh installation and sweep your server for backdoor files and eliminate them, as well as change your host + MySQL passwords. That’s worst case scenario. The cookie thing is more likely.
Hope that helps.
The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.
Txp Builders – finely-crafted code, design and Txp
Online
#3 2017-04-14 02:40:27
- superbiate
- Member
- Registered: 2017-03-14
- Posts: 14
Re: Login Spontaneously Stopped Working
Now this is curious — I’ve reset my account password through both the SQL command line as well as the more semantic txp_users table – and it immediately popped back to a hacked password. This is ugly.
Offline
#4 2017-04-14 03:02:58
- superbiate
- Member
- Registered: 2017-03-14
- Posts: 14
Re: Login Spontaneously Stopped Working
I’m in — and have found the following info printed in Txp Diagnostics:
++++++++++++++++++++++++++++++++++++++++
Textpattern version: 4.6.2 (e33066cbee83626e45c37d5727751521)
Last Update: 2017-03-14 17:24:15/2017-03-14 17:12:14
Document root: /home/superb10/public_html
$path_to_site: /home/superb10/public_html
Textpattern path: /home/superb10/public_html/textpattern
Permanent link mode: year_month_day_title
Temporary directory path: /home/superb10/public_html/textpattern/tmp
Site URL: superbiate.com
PHP version: 5.4.45
GD Image Library: version bundled (2.1.0 compatible), supported formats: GIF, JPG, PNG
Server TZ: America/New_York
Server Local Time: 2017-04-13 22:57:23
DST enabled?: 1
Automatically adjust DST setting?: 1
Time Zone: America/New_York (-18000)
MySQL: 5.6.33-log
db_server_time: 2017-04-13 22:57:23
db_server_timeoffset: 0 s
db_global_timezone: SYSTEM
db_session_timezone: SYSTEM
Locale: en_US.UTF-8
Server: Apache
PHP Server API: cgi-fcgi
RFC 2616 headers: 0
Server OS: Linux 3.10.0-427.18.2.lve1.4.38.el7.x86_64
Active plugins: rss_admin_db_manager-4.4, smd_where_used-0.30
Admin-side theme: classic 4.6.2
Pre-flight check:
————————————
Some Textpattern files have been modified:
/home/superb10/public_html/rpc/index.php,
/home/superb10/public_html/rpc/TXP_RPCServer.php
Clean URL test failed.
————————————
.htaccess file contents:
————————————
#DirectoryIndex index.php index.html
#Options +FollowSymLinks
#Options -Indexes
<IfModule mod_rewrite.c> RewriteEngine On #RewriteBase /relative/web/path/
RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^(.+) – [PT,L]
RewriteCond %{REQUEST_URI} !=/favicon.ico RewriteRule ^(.*) index.php
RewriteCond %{HTTP:Authorization} !^$
RewriteRule .* – [E=REMOTE_USER:%{HTTP:Authorization}]
</IfModule>
<Files README.txt>
Order allow,deny
Deny from all
</Files>
<Files HISTORY.txt>
Order allow,deny
Deny from all
</Files>
<Files “Textpattern Files and Folders.txt”>
Order allow,deny
Deny from all
</Files>
#php_value register_globals 0
————————————
++++++++++++++++++++++++++++++++++++++++
It’s telling me that /home/superb10/public_html/rpc/index.php & TXP_RPCServer.php were modified. Should I be concerned? And what should I look for in those two spots..?
Yours very gratefully, G.
Offline
Re: Login Spontaneously Stopped Working
Some Textpattern files have been modified: /home/superb10/public_html/rpc/index.php, /home/superb10/public_html/rpc/TXP_RPCServer.php
you should re-upload the two files. Or, if you do not use the rpc server you can delete the RPC directory all together.
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
#6 2017-04-14 13:03:27
- uli
- Moderator
- From: Cologne
- Registered: 2006-08-15
- Posts: 4,304
Re: Login Spontaneously Stopped Working
Additionaly you should change all passwords [Textpattern, database, FTP, email, (other password-protected services in use?), and last not least: webhoster PW(!!)] associated with that website. And similar those from other websites you can administer via that same hosting account.
In bad weather I never leave home without wet_plugout, smd_where_used and adi_form_links
Offline