ExpressionEngine CMS
Open, Free, Amazing

Thread

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.

The active forums are here.

What File Contains the EE Version Number?

December 06, 2010 5:12pm

Subscribe [4]
  • #1 / Dec 06, 2010 5:12pm

    Vik

    209 posts

    My site was hacked over the weekend. Per Hostingmatters tech support:

    You have two directories under your account space that are full of script kiddie files:

    [...]

    They fact that they’re owned by user “nobody” means they were placed there via an exploit in a php application or plugin you’re using. You need to upgrade your blog software/other php applications, remove any plugins you’re not using and upgrade the rest. Also recommend changing passwords for all users on your blogs, or anything else that is a php application.

    This is a good time to upgrade to the latest EE. I need to find out what version of EE I was running so as to upgrade, and since my site is down, I can’t log in to check.  All my EE files are still accessible by FTP though. What EE file can I examine to determine what EE version I was running?

  • #2 / Dec 06, 2010 5:23pm

    cherrypj

    158 posts

    In EE1, it’s /system/config.php:

    $conf['app_version'] = "169";

    In EE2, it’s /system/expressionengine/config/config.php

    $config['app_version'] = '211';
  • #3 / Dec 06, 2010 5:23pm

    Brandon Jones

    5500 posts

    Hi Vik,

      Thanks for reporting this. We take security very seriously and will do our best to work with you on figuring out what’s going on. To that, we need some additional information from you.

      1. EE version and build (since you can’t access the control panel, open config/config.php and let us know the value of app_version)
      2. Other scripts on your account, whether in use or not (phpBB, etc…)*

      Please also check these files:

      * path.php
      * config.php
      * index.php

      to ensure that there is no unusual code such as iFrames or Javascript includes; if you do find that code, then please back-up the file and remove said code.  If you are unsure of what does or doesn’t belong in these files, do not hesitate to ask.

    After a full backup, go ahead and perform a version update. Thank you and please keep us posted.

  • #4 / Dec 06, 2010 6:13pm

    Vik

    209 posts

    Hi Brandon,

    Thanks very much for your help!

    1. EE version and build
    $conf[‘app_version’] = “160”;

    2. Other scripts
    No other scripts on this account.  There are of course various EE extensions.

    I have checked path.php, config.php, and index.php, per your request, and have not seen any iFrames or Javascript includes.

    I will perform an update later today and will report here on the status.

  • #5 / Dec 06, 2010 6:15pm

    Vik

    209 posts

    Question: Should I upgrade immediately to the latest version of EE? I believe I saw a forum post saying I first had to upgrade to EE 1.6.9.

  • #6 / Dec 06, 2010 9:27pm

    Vik

    209 posts

    I just installed EE 1.7, without copying in, yet, any of the mods and extensions I am using. I’m still getting an error message on trying to access the site:

    The requested URL /main was not found on this server.

    Does this error message indicate something I need to do?

    Also, are any database changes required to move from EE 1.6 to EE 1.7?

    Thanks in advance for any info.

  • #7 / Dec 07, 2010 9:46am

    Sue Crocker

    26054 posts

    Hi, Vik. There are a number of database changes from EE1.6 to EE1.7.0. Your best course of action is to do a Version Update. Does that help?

  • #8 / Dec 08, 2010 4:33pm

    Vik

    209 posts

    My site is back online! It looks like no data was lost.  Somehow the last time I upgraded I had left the upgrade.php and the uploads folder on the site, and that is something that EllisLabs specifically says not to do as it can be a security risk.

    Thanks to all here for your help!

  • #9 / Dec 09, 2010 11:22am

    Sue Crocker

    26054 posts

    Glad things are working again. Don’t hesitate to post again as needed.

.(JavaScript must be enabled to view this email address)

ExpressionEngine News!

#eecms, #events, #releases