Line 1 Error

[IchBin]

Yes it does look like exactly what ZarPrime said. Contact your host immediately. Try to get a server access_log and/or error_log. If you can please attach it here if you can and I'll see if I can find where they have gained access. Definitely contact your host and tell ask them to look into how it happened and why.

[dunks]

Ive changed line 1 and its stopped most errors, ive checked every file that was modified at the same time and they have all had line 1 changed, do I just change line 1 to <?php on every file ?

Im just waiting a response from the host on why/how/who has changed it 

[IchBin]

Remove that whole mess of code that the placed right after the <?php tag. Let us know if the host comes back with an answer other than "Your software has a security problem". We are looking for details here. lol If you can provide a log, I'd be willing to look through to see if I can find anything if you want.

[dunks]

Reply from host

"Hello,

Thank you for contacting TMDHosting Support Team.

We have run a script which detect malicious code in the file and the found files are:

./.htaccess: Suspicious(RewriteRule): RewriteRule ^(activat
./tp-files/index.php: Suspicious(base64_decode): val(base64_decode('ZXJyb3Jf

You can check your access logs for today from your cpanel -.> Raw Access logs. If you find some IP which you think has been the cause for the issue you can block it from your cpanel -. IP deny.

In terms of networking security -- our datanceter has all the modern technologies and protections which are the cutting standards for every datacenter nowadays. You can read more about the datacenter facility at:

http://tmdhosting.com/datacenters.html

Still, there is an additional aspect and it is the code of your website, if you are using a third party script or an open source application to build your website you should make sure that it is always up to date and carefully review the documentation of any extensions you are installing. Regarding such code security, however, I am afraid that you will need to contact a professional web developer as we do no specialize in such services.


Please do not hesitate to contact us if you have any further questions or comments.

Best Regards,

Jeremy Lewis
Level 2 Technical Support
TMDHosting.com "



Ive checked the raw access log and theres no info in there for yesterday ive also checked the archive and its empty

[IchBin]

So basically they won't help you find out how the problem occurred. Not much we can do either on this end without any information to go off.

You should update your TP install, although there hasn't been any security fixes since the RC2 version that you are running.

[Maxx1]

Don't know if this may help, but you could try to ban the IP that is related to this error, and see if it stops, even if you own, then log on from another locating or get some one else to, like some team member here, then write down the IP addy and clear the logs, a see what happens. It could be someone flooding you site and they don even know it, because of Trojan infection!

Just an idea!

regards,
Maxx

[Maxx1]

Just wanted to add It should not hurt anything to change out the sources/TPsubs.php ) via FTP) or file manager and having a .httaccess is a must! if you don" have one and your root should also have (404.shtml, 404.html 503.html files in there.
you could search the net for best ways to use these, if you can not find them in the FAQs at you hosting Cpanel. Even if you get it fixed you'll need this stuff list above. If I can help please feel free!

regards,
Maxx

[Maxx1]

Don't know if this may help, but you could try to ban the IP that is related to this error, and see if it stops, even if you own, then log on from another locating or get some one else to, like some team member here, then write down the IP addy and clear the logs, a see what happens. It could be someone flooding you site and they don even know it, because of Trojan infection!

Just an idea!

regards,
Maxx

The ban trigger can be undone through the admin when finished, by the other admin or a team member here.. sorry but I'm unable to edit my post!

[dunks]

Although the problem has stopped, Im pretty sure it will reaccure again in a few weeks, but ive been back in touch with the host and got the following response

"Hello,

Thank you for getting back to us.

Note that on the shared servers the only limitations that we apply on the database size is maxmimum 250 MB. You database :

peugeot3_eslnBg

is 28 MB and you should not have any issues.

The only time a mysql error that may appear on your website is if the global /tmp folder on the server is full. This unfortunately is something that we can not avoid, but this /tmp folder get full once or maximum twice time a month and our team immediately reacts and cleans that folders.


If the error keep appearing we shall need step by step instructions of how to recreate the issue on our side so we can investigate further or you can upload some screenshots so we can check them

Please do not hesitate to contact us again if you have any further questions or comments.

Best Regards,

Jeremy Lewis
Level 2 Technical Support
"