Is 185.27.134.175 active?

Hi to all,
http://enginery.freecluster.eu is my website. I could not reach yesterday night(GMT+03) and now. I could reach it during about one minute but that’s all :D. I checked server : 185.27.134.175 is not responding to ping from online ping tools too.

Is there any problem with 185.27.134.175 servers? If so when they will be solved? Thanks and healty days.

You are not getting a free dedicated server, so you can not access it via IP directly.

WingTsun, yes yes, I know, I only checked the server ip, that is the I wrote in my support question, whether it is down or not. So, do not misunderstand the topic please. :smiley:

Well, its up. Another thing is DNS Propagation. Sometimes you need to wait for some time for the address to start working. Sorry for misunderstanding you, my bad.

I have a off-topic question. You coded it from scratch? As I can not see any obvious CMS being used. If so, I need to show you something you might want to be aware of, but about that best if I sent you a PM.

Can you reach my website now? Since I still can not! So you must be a luckier than mine to reach my website ! And yes, I coded all myself :smiley:

You can not access it because of DNS Propagation. Try using a VPN and it will probably open up fine.

And about the code, I made a quick 2 minute look around, and I found few critical security bugs in your code. I hope this is just a test version which will be improved :stuck_out_tongue:

2 Likes

Hmm, why DNS propagated? I am just a amateur blogger, not understand too much of details about network :smiley: I did not do any changes in my network connection? Is it related with me or my country/region/ISP DNS server?

About my web site, since I am an amateur, you can always think that my website is in test version :smiley: :smiley: So any help to clear off some/all the security bugs of my website will be appreciated.

What does DNS propagation mean? DNS propagation is the time it takes updates to DNS records to be in full effect across all servers on the internet. Changes don’t take effect instantaneously because nameservers store domain record information in their cache for a certain amount of time before refreshing.

Basically when you make a new website address, it takes up to 72h to start working world-wide.

Sure, but not in public forum, so that other people can exploit your website lol. I can give you some pointers privately if you want to.

1 Like

Ok, I learned how to solve this problem in Linux ! and woola! Solved, I used

sudo systemctl restart NetworkManager

command in terminal. So, I can reach to my web again. Thanks ! About bugs, please send me a “bug spray code” to clean them, I think you can send them here if they are not so big !, I can change them fastly … :smiley:

2 Likes

Ok, good. As for windows, you can also clean your DNS cahce using CMD and command “ipconfig /flushdns”. Should be the same effect.

Happy you solved it :wink:

1 Like

You are missing critical file checks to check if file exists before you load a page, when you pass the filename using $_GET parameter. That leads to error, which can be used to do multiple types of attacks, even execute remote commands (RCE), access files outside the /htdocs directory and read configuration info, and so on.

Screen: https://i.imgur.com/ahxprQM.png
Vulnerable parameter: ?blogPage
Screen: https://i.imgur.com/1O4T14d.png
Vulnerable parameter: subblog

To fix it you have to properly filter the $_GET parameters, and do a PHP check “file_exists($_GET[‘file_name’])”.

It’s not a moderator locking it down, it’s just because your forum account is new and you’re at Trust Level 0, and all new forum accounts are not allowed to send direct messages. Once you’ve been here for a little while (just a few days usually), you’ll automatically be bumped up to Trust Level 1, which allows you to send direct messages (to users who haven’t disabled it).

3 Likes

Just let me know if you need any more help. Fixing these ones is not hard, however impact if exploited a certain way can be really bad.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.