Solved

Drupal Has Hijacked My Domain

Posted on 2008-10-18
4
507 Views
Last Modified: 2012-05-05
Dedicated server with Drupal and PerlDesk installed. Latest versions of both. Clean URLs is running on Drupal and oddly enough, turning it off and dumping my cache doesn't fix this issue.

Drupal is breaking the queries that PerlDesk makes via the URL. For example:

http://www.domain.com/cgi-bin/support/pdesk.cgi?do=register goes to a Drupal 404. pdesk.cgi by itself in the URL works but the software uses the query strings to run so it's 100% useless at the moment. I don't know what further information is needed but I have broken my .htaccess file several times trying to figure this out.

There is no content with a url alias of support.

Any insight or direction would be appreciated.
#

# Apache/PHP/Drupal settings:

#
 

# Protect files and directories from prying eyes.

<FilesMatch "\.(engine|inc|info|install|module|profile|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template)$">

  Order allow,deny

</FilesMatch>
 

# Don't show directory listings for URLs which map to a directory.

Options -Indexes
 

# Follow symbolic links in this directory.

Options +FollowSymLinks
 

# Make Drupal handle any 404 errors.

ErrorDocument 404 /index.php
 

# Force simple error message for requests for non-existent favicon.ico.

<Files favicon.ico>

  ErrorDocument 404 "The requested file favicon.ico was not found."

</Files>
 
 
 

# Override PHP settings. More in sites/default/settings.php

# but the following cannot be changed at runtime.
 

# PHP 4, Apache 1.

<IfModule mod_php4.c>

  php_value magic_quotes_gpc                0

  php_value register_globals                0

  php_value session.auto_start              0

  php_value mbstring.http_input             pass

  php_value mbstring.http_output            pass

  php_value mbstring.encoding_translation   0

</IfModule>
 

# PHP 4, Apache 2.

<IfModule sapi_apache2.c>

  php_value magic_quotes_gpc                0

  php_value register_globals                0

  php_value session.auto_start              0

  php_value mbstring.http_input             pass

  php_value mbstring.http_output            pass

  php_value mbstring.encoding_translation   0

</IfModule>
 

# PHP 5, Apache 1 and 2.

<IfModule mod_php5.c>

  php_value magic_quotes_gpc                0

  php_value register_globals                0

  php_value session.auto_start              0

  php_value mbstring.http_input             pass

  php_value mbstring.http_output            pass

  php_value mbstring.encoding_translation   0

</IfModule>
 

# Requires mod_expires to be enabled.

<IfModule mod_expires.c>

  # Enable expirations.

  ExpiresActive On
 

  # Cache all files for 2 weeks after access (A).

  ExpiresDefault A1209600
 

  # Do not cache dynamically generated pages.

  ExpiresByType text/html A1

</IfModule>
 

# Various rewrite rules.

<IfModule mod_rewrite.c>

  RewriteEngine on
 

  # If your site can be accessed both with and without the 'www.' prefix, you

  # can use one of the following settings to redirect users to your preferred

  # URL, either WITH or WITHOUT the 'www.' prefix. Choose ONLY one option:

  #

  # To redirect all users to access the site WITH the 'www.' prefix,

  # (http://example.com/... will be redirected to http://www.example.com/...)

  # adapt and uncomment the following:

  #RewriteCond %{HTTP_HOST} ^example\.com$ [NC]

  #RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]

  #

  # To redirect all users to access the site WITHOUT the 'www.' prefix,

  # (http://www.example.com/... will be redirected to http://example.com/...)

  # uncomment and adapt the following:

  # RewriteCond %{HTTP_HOST} ^www\.example\.com$ [NC]

  # RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]
 

  # Modify the RewriteBase if you are using Drupal in a subdirectory or in a

  # VirtualDocumentRoot and the rewrite rules are not working properly.

  # For example if your site is at http://example.com/drupal uncomment and

  # modify the following line:

  # RewriteBase /drupal

  #

  # If your site is running in a VirtualDocumentRoot at http://example.com/,

  # uncomment the following line:

  # RewriteBase /
 

# Rewrite current-style URLs of the form 'index.php?q=x'.

  RewriteCond %{REQUEST_FILENAME} !-f

  RewriteCond %{REQUEST_FILENAME} !-d

  RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
 

</IfModule>

Open in new window

0
Comment
Question by:xbekabugx
  • 2
4 Comments
 
LVL 9

Accepted Solution

by:
oliverpolden earned 500 total points
ID: 22751802
I would start by removing your .htaccess file.  Copy it somewhere else.  And you could also rename your index.php to something else so that isn't run by default.  Something like backup_index.php.  You should then find your PerlDesk works.  Drupal uses urls in special ways so it is very difficult to get two things running together.  You can just try to separate them as much as possible.
0
 
LVL 16

Expert Comment

by:GUEEN
ID: 22754710
Drupal URL validation broken Patch  http://drupal.org/node/273969
0
 

Author Comment

by:xbekabugx
ID: 22759644
I am going to have to figure out how to separate these with subdomains or something. This is a mess. Thank you for the help, Oliver
0
 
LVL 16

Expert Comment

by:GUEEN
ID: 22759668
OOh gee what was the correct answer to this question - for the good and validation of this PAQ?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now