New WebSTAR nightmare to report:
My DSL internet connection slowed to a crawl last night. After initially suspecting my PC was the culprit, I downloaded the newest Norton virus defs at a snail's pace. Norton catches viruses constantly, and I figured a new one came out and my Norton, having not done it's weekly update in a few days, didn't see it. Anyway, the PC was clean.
So I started unplugging ethernet connections and this pointed to my server. I tried quitting each application to see where the problem was, and the problem was WebSTAR.
The default installation of WebSTAR allows for it's proxy server to be active. And this means that anyone on the internet can use it to cover their tracks - generally not something you'd even care about if the activity you were undertaking wasn't nefarious.
I opened the proxy monitor and saw stuff scrolling by - so I knew what was going on. But the machine was so slow that I couldn't even change the settings, so I had to quit WebSTAR (BG, actually) and then remove the plug-in, and restart. And now everything's fine, thankfully. I looked at a few other WebSTAR installations that I know of, and I found that one had connections set to zero and was fine - unused. The other had connections on 4 and it had a pretty detailed usage log.
So set your WebSTAR proxy connections to zero, or, better yet, remove the plug-in entirely. Either way, be sure to restart to get those changes in effect.
And if you find a log file with as much junk in it as mine (mostly porn and crack stuff) save it. If someone ever tracks you down and wants to ban your IP or blame some hacking on you, it may be your only defense.
And WebSTAR, why leave that open by default? That's almost as bad as the spammer holes (which I'll detail soon).
Saturday, May 03, 2003
Spent a ton of time yesterday trying to troubleshoot my php mail function. It was swapping out quote marks (') and double quotes (") and apostrophes (') with /' and /", etc. The apostrophes made the whole email look awful. Anyway, the answer was that my php.ini file must be configured that way; rather than change it, I was able to use the function "stripcslashes" to reset it all. Hope this helps someone.