Viewing 15 posts - 1 through 15 (of 18 total)
  • Author
    Posts
  • landed Friend
    #1072117

    Until you get some kind of all clear and don’t need to upgrade UBER don’t. I am really not one to scaremonger but today I am embarking on a cleanup maybe a whole new build as my site has become infected and I do suspect the new install for uber.

    I have to have my site offline now while I do the cleanup. Can I suggest that the developers check the code and reply here that all is safe. If I am wrong I will immediately apologize to everyone but I am in a difficult place now and just by waiting you have nothing to loose.

    Clicking on the slide in side bar launches a ton of tabs with sites. It’s not just the sidebar in fact and inspecting the t3 megamenu we see links that are not correct.

    https://www.evernote.com/l/APG-7LTtDhFC5IRvpVDBht0aX0gHoHeTENg

    It looks like js injection is happening outside of the JA template as I see the same links injected into headings of articles when I use the default protostar. I’m still looking.

    Have found javascript in the actual articles so I am suspecting a form component and SQL injection at this stage. So I am moving towards UBER being clear- unless there is a rogue script in the updater..we will know if other people complain.

    I have now found that as I was deleting the js in the articles it was getting re-added behind me…frustrating. Investigating a direct SQL manipulation. Strict passwords are something I do and I thought mine were strict so perhaps they got it through a bad permission on a file or maybe I should stick to my guns more and never allow 3rd party access to the backend!

    • This topic was modified 7 years ago by  landed.
    • This topic was modified 7 years ago by  landed.
    • This topic was modified 7 years ago by  landed.
    • This topic was modified 7 years ago by  landed.
    • This topic was modified 7 years ago by  landed.
    landed Friend
    #1072447

    I am still hacked and have run this handy script. It does report mostly suspicious stuff from this template. For example
    t3-assets/js/ in this folder there are a lot of suspicious files.

    Please see this screen shot..

    https://www.evernote.com/l/APE2Wfd7qENNNpod9-A96jYyoKnW3AHJN9Y

    If your devs are interested I would like to know what should be in this folder…is this a part of UBER?

    Saguaros Moderator
    #1072564

    Hi,

    The ‘t3-assets’ folder holds the compress js / css files when you enable the Optimize CSS / JS option under template manager section. You can try to remove files inside this folder and disable this option to test again.

    And also make sure your hosting is secure first and you can also ask the hosting provider for help to find out the root of this security issue.

    Regards

    landed Friend
    #1073206

    We rewound the site to an earlier state and the hack was clear for 24hrs until I started to use the less css compiler! So there may be my clue for finding the problem.

    Are you able to tell me exactly the folders I can delete and reinstall the template pls. Or also point me in the direction of the code when this template gets less compiled to css please.
    Thanks

    Saguaros Moderator
    #1073261

    Hi,

    The LESS files are located in:

    root/templates/uber/less
    root/templates/uber/local/less (in case that you override in ‘local’ folder)

    The (compiled) CSS files are in:

    root/templates/uber/css
    root/templates/uber/local/css

    landed Friend
    #1073446

    The create css from less button is not working as expected as my code changes in the less files are not being compiled into css. Furthermore the development mode doesnt work, I get an error ERR_CONTENT_DECODING_FAILED

    "parse error: failed at &:extend(.clearfix all); root/templates/uber//less/../../../plugins/system/t3/base-bs3/bootstrap/less/mixins/grid.less on line 11
    An error occurred. Failed to compile."

    Is this related.

    I am asking where the actual less compiler files are..

    • This reply was modified 7 years ago by  landed.
    landed Friend
    #1073449

    https://github.com/leafo/lessphp/issues/520

    Can you guys recreate the issue? We can’t compile I think because of older less compiler.

    Saguaros Moderator
    #1073546

    I mean this compile button in Uber template: http://prntscr.com/h8kode

    landed Friend
    #1073575

    Yes it doesnt work, that button however doesn’t show the error. If you go here and then try to find a less file and then hit compile on this page you get the error.

    1. https://www.evernote.com/l/APFnDCzGPV1LX6m_-flLoNUBJnaz-8EhUFY
    2. https://www.evernote.com/l/APGsv2PfdjlBuomP-Rid2wDFabAJYJnB83M
    3. https://www.evernote.com/l/APGtTSSA_OVPG54e79FoP2-X8TpoRElAA00
    4. https://www.evernote.com/l/APHB477TWuBGxJfAE9rkRglQ4GWSIMlyCX0

    Looking through online you can see that this is due to an older compiler and there are suggestions to use a new one.

    landed Friend
    #1073667

    Ok the reason that was happening was a copied template across that was an old version that I had no way to update. Your docs one showed a video to duplicate a template to customise it. That was the worst piece of advice I think I ever got. There are much easier ways to customise a template and still be able to update it.

    So that caused us all some time. Sry.

    Moral: If ever you do a COPY think hmmm upgrade…is this a good idea. DRY.

    I would like the dev team to look at this as I am still not getting compiling occurring.
    I added a local folder and a new less file with my custom code thus..
    templates/uber/local/less/my-custom-less.less

    • This reply was modified 7 years ago by  landed.
    Saguaros Moderator
    #1073912

    Hi,

    It’s not the compile button I’m mentioning, pls use the one in Uber template: http://prntscr.com/h8kode

    If there is still issue, share me the admin + FTP account and backup your site first. I will try to compile.

    landed Friend
    #1074071

    I am telling you that the button in the screenshot does nothing. It is failing to compile, the other compiler button in my screenshots shows the error. You could log in and prove this to yourself if you dont believe me but I would rather not have to go to that level. What I want to hear you say is this..
    Hi
    We have checked our own version and we see the error as well! So no need to ask to get your login etc.. We are working on fixing this instead of telling the customer a workaround (that doesn’t work)

    Saguaros Moderator
    #1074145
    This reply has been marked as private.
    landed Friend
    #1074198

    I am not permitted to get the authorization since last time we gave out the credentials the site was hacked.
    I am sure you can understand.

    Why don’t you investigate the problem though? Actually I have shown you the problem in screen shots above and have spent way too much time on this.

    I repeat that this is due to an old less lib that doesn’t work and no longer compiles the latest bs3.

    You can reproduce this if you make a local/less/custom.less file then try and compile. Folow the screen shots above very clear instructions. This is from a brand new install and updated files.

    Saguaros Moderator
    #1074428

    Hi,

    We don’t mention customize less via custom.less file, there is only ‘custom.css’ file to keep the custom CSS code, pls check out this documentation for how to customize theme in templates built with T3 framework: http://www.t3-framework.org/documentation/bs3-customization#theme-customization

    Regards

Viewing 15 posts - 1 through 15 (of 18 total)

This topic contains 17 replies, has 2 voices, and was last updated by  landed 7 years ago.

We moved to new unified forum. Please post all new support queries in our New Forum