unexpected advx message??

bifferidge · Post by **bifferidge** » Fri Jun 03, 2005 2:23 am

Hello everyone, I seem to get this message "Welcome to 10.50.60.77
This site is powered by: Apache-AdvancedExtranetServer/2.0.50 (Mandrakelinux/7.2.101mdk) PHP/4.3.8!
Note: If you are seeing this instead of the webpage you expected, it's most likely because the server is not yet fully configured, or is under an upgrade. Come again tomorrow and your usual content should be back."

I just upgraded to 1.21 using Mr Melin's very wonderful CD.

I only get this message is I try to reach it from my lan.

I remember getting this with 1.19, but I solved it by enabling httd service. no such luck this time -- it's already running.

Clearly I am missing something VERY obvious

Can anyone help??

Post by **cordel** » Fri Jun 03, 2005 3:02 am

Most likely is in a subdomain like http://localhost/zm
You can change it by editing the httpd.conf and set DocumentRoot "/var/www/html" as an example to DocumentRoot "/var/www/html/zm" where the ZM php files are located.
Also be aware that Ross may have them located somewhere else and you may find a zm.conf located in apaches conf.d directory and in that case would take a little more configuration.
Regards,
Cordel

8ace · Post by **8ace** » Fri Jun 03, 2005 3:16 am

thanks Cordel, I'm going to check that out right now... (well, after a nice warm beveridge)

8ace · Post by **8ace** » Fri Jun 03, 2005 4:24 am

... couldn't find an httpd.conf file but *did* find an httpd2.conf which starts with a warning - "you really shouldn't change these settings unless you're a guru." I shyed away

Also tried to open /etc/zm.conf but got blasted with "cannot open remote file."

Tips? Suggestions??

BTW - the console runs just fine when I run on the local box.

8ace · Post by **8ace** » Fri Jun 03, 2005 2:42 pm

if I go to

10.50.60.77/zm/

I get to the the login screen!

(but if I just go to 10.50.60.77 I get the advx page)

Post by **cordel** » Fri Jun 03, 2005 5:57 pm

Thats the typical install as laid out in the instructions and is working like it should.
The zm.conf under /etc is different from the one I mention which should be under the apache conf.d directory. You may not have one.
As far as it goes, I know no easy soluton (that don't mean there isn't one). You would have to either change the web root, move the web files to the web root, or create a redirect in apache.
All those solutions require other changes in the zm options/paths except the redirect.
Regards,
Cordel

8ace · Post by **8ace** » Fri Jun 03, 2005 7:09 pm

hey Cordel - y'know I think that this will work out bertter for me anyway.

I am currently forwarding port 80 (using IPCOP) from my cable modem to this server (hitting http://mydomain.com) - - it probably makes sense to *not* have zm inviting logins I think.

By the way, is there any easy way in php to insert a "wait" between login attempts to deter a dictionary attack? I'm sorry, I know nothing about php!

thanks!!

Post by **cordel** » Fri Jun 03, 2005 7:22 pm

There are several methods... All of which I'm in the process of learning. For now the best thing is use phrases that are a combo of for example maybe the last four digits of your phone number together with a usual password. Something that makes since to you so that it's easy to remember. Just get creative so that you have something like 9275_password_300sxl this example is part phone #_obvious a password_car model (I put the underscores there just to make it easier to follow but you can use them to sometimes). Mix it up any way you want. I'd love to elaborate more but then I don't want to give away my meathods. The idea of slowing a hacker down is great but if you use something like I have above dictionary scan would never come close.

Regards,
Cordel

8ace · Post by **8ace** » Fri Jun 03, 2005 7:27 pm

yeah, those tactics make sense. I guess I'm too old and paranoid ...

I run IPCOP as the firewall but it is a very complex tool (for me) so I would probably have no idea if I was being hit anyway

Have a great weekend everyone!