Comments for Support for OpenX Source ad server by independent OpenX Source Specialist Erik Geurts http://www.openxconsultant.com Support, Consulting, and Training for OpenX Source ad server Thu, 03 Nov 2011 08:03:08 +0000 hourly 1 http://wordpress.org/?v=3.3.1 Comment on What to do when you suspect your OpenX system has been hacked by Erik Geurts http://www.openxconsultant.com/blog/2011/10/what-to-do-when-you-suspect-your-openx-system-has-been-hacked/comment-page-1/#comment-764 Erik Geurts Thu, 03 Nov 2011 08:03:08 +0000 http://www.openxconsultant.com/?p=1033#comment-764 You can still download all previous versions of OpenX, by going to http://download.openx.org/ . What you will get returned is an XML file, and if you study that carefully you will find the exact location of each download file. You can still download all previous versions of OpenX, by going to http://download.openx.org/ . What you will get returned is an XML file, and if you study that carefully you will find the exact location of each download file.

]]> Comment on What to do when you suspect your OpenX system has been hacked by Burgy http://www.openxconsultant.com/blog/2011/10/what-to-do-when-you-suspect-your-openx-system-has-been-hacked/comment-page-1/#comment-762 Burgy Thu, 03 Nov 2011 00:16:31 +0000 http://www.openxconsultant.com/?p=1033#comment-762 Thank you very much. Since we can't even get an older version like Openx 2.6.5 as a download any more, I am quite disappointed with the development by OpenX. I was quite happy to find a lot of useful information FOR FREE on your page, how to update for example. Without this I could have never done it. And this entry about security fixes certainly made my day and my page more secure. Thank you for sharing. With best regards, Burgy P.s. And yes, you are certainly an OpenX specialist! Thank you very much.

Since we can’t even get an older version like Openx 2.6.5 as a download any more, I am quite disappointed with the development by OpenX. I was quite happy to find a lot of useful information FOR FREE on your page, how to update for example. Without this I could have never done it. And this entry about security fixes certainly made my day and my page more secure.

Thank you for sharing.

With best regards, Burgy

P.s. And yes, you are certainly an OpenX specialist!

]]> Comment on What to do when you suspect your OpenX system has been hacked by Erik Geurts http://www.openxconsultant.com/blog/2011/10/what-to-do-when-you-suspect-your-openx-system-has-been-hacked/comment-page-1/#comment-715 Erik Geurts Mon, 24 Oct 2011 07:24:13 +0000 http://www.openxconsultant.com/?p=1033#comment-715 If you want to change the database login credentials, I'd suggest going about it like this: - in MySQL, create a new user with password - in MySQL, assign the user to the existing database, with 'all privileges' as is required for OpenX - for OpenX, change the configuration file with a text editor so that it starts to use the new username and password - in MySQL, once you've verified everything works correctly, remove the 'old' user in MYSQL so it can no longer access the database, but do not remove the user yet - Check again if everything continues to work correctly, and once that's confirmed, you can remove the old MySQL user If you want to change the database login credentials, I’d suggest going about it like this:
- in MySQL, create a new user with password
- in MySQL, assign the user to the existing database, with ‘all privileges’ as is required for OpenX
- for OpenX, change the configuration file with a text editor so that it starts to use the new username and password
- in MySQL, once you’ve verified everything works correctly, remove the ‘old’ user in MYSQL so it can no longer access the database, but do not remove the user yet
- Check again if everything continues to work correctly, and once that’s confirmed, you can remove the old MySQL user

]]> Comment on What to do when you suspect your OpenX system has been hacked by Jennie http://www.openxconsultant.com/blog/2011/10/what-to-do-when-you-suspect-your-openx-system-has-been-hacked/comment-page-1/#comment-711 Jennie Sat, 22 Oct 2011 22:49:45 +0000 http://www.openxconsultant.com/?p=1033#comment-711 I went ahead and not only renamed the directory while cleaning the affected fields, I also created a new database user and then changed it in the config file. In addition, I added an .htaccess file to /www/admin as you said, and it's IP restricted. So far, that seems to be working (yes all passwords are changed). By the way, if I were to want to make a permanent change to database user and password in the config file, how do I go about doing that? I've been unsuccessful so far (without reinstalling, I mean). I went ahead and not only renamed the directory while cleaning the affected fields, I also created a new database user and then changed it in the config file. In addition, I added an .htaccess file to /www/admin as you said, and it’s IP restricted. So far, that seems to be working (yes all passwords are changed).

By the way, if I were to want to make a permanent change to database user and password in the config file, how do I go about doing that? I’ve been unsuccessful so far (without reinstalling, I mean).

]]> Comment on What to do when you suspect your OpenX system has been hacked by Steven http://www.openxconsultant.com/blog/2011/10/what-to-do-when-you-suspect-your-openx-system-has-been-hacked/comment-page-1/#comment-700 Steven Fri, 07 Oct 2011 15:09:51 +0000 http://www.openxconsultant.com/?p=1033#comment-700 I found the 24kb find at the location that you wrote above. And then I deleted it. Now the error is gone! Thank you so much! I found the 24kb find at the location that you wrote above. And then I deleted it. Now the error is gone!

Thank you so much!

]]> Comment on What to do when you suspect your OpenX system has been hacked by aweenk http://www.openxconsultant.com/blog/2011/10/what-to-do-when-you-suspect-your-openx-system-has-been-hacked/comment-page-1/#comment-699 aweenk Fri, 07 Oct 2011 11:15:40 +0000 http://www.openxconsultant.com/?p=1033#comment-699 It happened to me as well. The OpenX application still asks for a password when I get the tab code invocation n configuration. It happened to me as well. The OpenX application still asks for a password when I get the tab code invocation n configuration.

]]> Comment on What to do when you suspect your OpenX system has been hacked by Erik Geurts http://www.openxconsultant.com/blog/2011/10/what-to-do-when-you-suspect-your-openx-system-has-been-hacked/comment-page-1/#comment-698 Erik Geurts Fri, 07 Oct 2011 05:25:34 +0000 http://www.openxconsultant.com/?p=1033#comment-698 You're seeing this because of the fact the hacker managed to alter at least on of the files in the plugins directory, in this case most likely in the "plugins/3rdPartyServers/ox3rdPartyServers" directory. The files in there are normally about 3 to 4 KB in size, but you may find one or more files there that are larger and have a different date from the rest. You’re seeing this because of the fact the hacker managed to alter at least on of the files in the plugins directory, in this case most likely in the “plugins/3rdPartyServers/ox3rdPartyServers” directory. The files in there are normally about 3 to 4 KB in size, but you may find one or more files there that are larger and have a different date from the rest.

]]> Comment on What to do when you suspect your OpenX system has been hacked by Steven http://www.openxconsultant.com/blog/2011/10/what-to-do-when-you-suspect-your-openx-system-has-been-hacked/comment-page-1/#comment-697 Steven Thu, 06 Oct 2011 21:01:21 +0000 http://www.openxconsultant.com/?p=1033#comment-697 My OpenX was hacked and malware was added to it. I found and deleted malware tags from the append and prepend columns of the banners table. And I have checked the users table, there were no strangers there. Also, I scanned the web and database server. When I open HTML banners which are already in OpenX, it shows an error message. And the same for when I try to create a new HTML banner. However, it still shows this error. Any suggestion beside this? My OpenX was hacked and malware was added to it.

I found and deleted malware tags from the append and prepend columns of the banners table. And I have checked the users table, there were no strangers there. Also, I scanned the web and database server.

When I open HTML banners which are already in OpenX, it shows an error message. And the same for when I try to create a new HTML banner.

However, it still shows this error. Any suggestion beside this?

]]> Comment on Advanced implementation of OpenX Single Page Call by Erik Geurts http://www.openxconsultant.com/blog/2011/06/advanced-implementation-of-openx-single-page-call/comment-page-1/#comment-684 Erik Geurts Thu, 14 Jul 2011 10:16:30 +0000 http://www.openxconsultant.com/?p=968#comment-684 Hi Bruno, Yes, Single Page Call is available in OpenX v2.6 as well, but I haven't tested it in great detail. I would recommend upgrading to version 2.8 for all sorts of reasons, including performance. Regards, Erik Geurts Hi Bruno,

Yes, Single Page Call is available in OpenX v2.6 as well, but I haven’t tested it in great detail. I would recommend upgrading to version 2.8 for all sorts of reasons, including performance.

Regards, Erik Geurts

]]> Comment on Advanced implementation of OpenX Single Page Call by Bruno http://www.openxconsultant.com/blog/2011/06/advanced-implementation-of-openx-single-page-call/comment-page-1/#comment-683 Bruno Thu, 14 Jul 2011 09:24:06 +0000 http://www.openxconsultant.com/?p=968#comment-683 Thanks for the tip. Does it also apply for OpenX 2.6? Thanks for the tip. Does it also apply for OpenX 2.6?

]]>