Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

Installing SilverStripe /

Getting SilverStripe up and running on your computer and on your web server.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Suspicious File Alerts : cache problem?


Go to End


5 Posts   3070 Views

Avatar
Semazen

Community Member, 11 Posts

10 May 2010 at 11:51am

Edited: 10/05/2010 11:52am

Installed SilverStripe to try out the acript in a sub-domain, and I'm getting these Suspicious File Alerts from LFD in WHM every hour.

lfd on host.myhostname.com: Suspicious File Alert

Time:   Mon May 10 09:02:29 2010 +1000
File:   /tmp/silverstripe-cache-home-username-public_html-cms/manifestClassParse-_home_username_public_html_cms_sapphire_forms_ReadonlyTransformation.php
Reason: Script, file extension
Owner:  nobody:nobody
Action: No action taken

Time:   Mon May 10 09:02:29 2010 +1000
File:   /tmp/silverstripe-cache-home-username-public_html-cms/manifestClassParse-_home_username_public_html_cms_sapphire_core_model_fieldtypes_ForeignKey.php
Reason: Script, file extension
Owner:  nobody:nobody
Action: No action taken

Time:   Mon May 10 09:02:29 2010 +1000
File:   /tmp/silverstripe-cache-home-username-public_html-cms/manifestClassParse-_home_username_public_html_cms_sapphire_core_model_fieldtypes_SSDatetime.php
Reason: Script, file extension
Owner:  nobody:nobody
Action: No action taken

Time:   Mon May 10 09:02:29 2010 +1000
File:   /tmp/silverstripe-cache-home-username-public_html-cms/manifestClassParse-_home_username_public_html_cms_sapphire_forms_CheckboxSetField.php
Reason: Script, file extension
Owner:  nobody:nobody
Action: No action taken

Time:   Mon May 10 09:02:29 2010 +1000
File:   /tmp/silverstripe-cache-home-username-public_html-cms/manifestClassParse-_home_username_public_html_cms_sapphire_security_MemberLoginForm.php
Reason: Script, file extension
Owner:  nobody:nobody
Action: No action taken

Time:   Mon May 10 09:02:29 2010 +1000
File:   /tmp/silverstripe-cache-home-username-public_html-cms/manifestClassParse-_home_username_public_html_cms_sapphire_parsers_BBCodeParser.php
Reason: Script, file extension
Owner:  nobody:nobody
Action: No action taken

Time:   Mon May 10 09:02:29 2010 +1000
File:   /tmp/silverstripe-cache-home-username-public_html-cms/manifestClassParse-_home_username_public_html_cms_sapphire_core_i18n.php
Reason: Script, file extension
Owner:  nobody:nobody
Action: No action taken

Time:   Mon May 10 09:02:29 2010 +1000
File:   /tmp/silverstripe-cache-home-username-public_html-cms/manifestClassParse-_home_username_public_html_cms_sapphire_widgets_WidgetArea.php
Reason: Script, file extension
Owner:  nobody:nobody
Action: No action taken

Time:   Mon May 10 09:02:29 2010 +1000
File:   /tmp/silverstripe-cache-home-username-public_html-cms/manifestClassParse-_home_username_public_html_cms_sapphire_email_QueuedEmailDispatchTask.php
Reason: Script, file extension
Owner:  nobody:nobody
Action: No action taken

Time:   Mon May 10 09:02:29 2010 +1000
File:   /tmp/silverstripe-cache-home-username-public_html-cms/manifestClassParse-_home_username_public_html_cms_sapphire_parsers_TextParser.php
Reason: Script, file extension
Owner:  nobody:nobody
Action: No action taken

Looks like something to do with cache. Is a cache folder missing or something?

Thanks

Avatar
Hamish

Community Member, 712 Posts

10 May 2010 at 3:32pm

Looks like you have some sort of software checking for (potentially) malicious files in your tmp directory. There isn't anything wrong as such - SilverStripe creates these files to speed up execution - but if you can't turn off the warnings you can manually set the SilverStripe cache directory with:

define('TEMP_FOLDER', 'some-web-writeable-temp-folder');

Avatar
Semazen

Community Member, 11 Posts

10 May 2010 at 4:16pm

Edited: 10/05/2010 4:17pm

Thanks Hamish

Thanks for the tip. Yes, we're using ConfigServer Security & Firewall http://www.configserver.com/cp/csf.html on WHM, which impacts all hosting accounts.

So, just to confirm, we change:

if(!defined('TEMP_FOLDER')) {
	define('TEMP_FOLDER', getTempFolder());
}

to

if(!defined('TEMP_FOLDER')) {
	define('TEMP_FOLDER', '/full/path/to/the/temp/directory');
}

Is that right?

Thanks again

Michael

Avatar
Hamish

Community Member, 712 Posts

10 May 2010 at 6:20pm

Would work, but better not to hack the core and use Environment Management instead. Just create a _ss_environment.php to sit in your SS root folder and put the line there.

Avatar
Semazen

Community Member, 11 Posts

10 May 2010 at 10:17pm

Brilliant. Thanks Hamish.