Welcome to Geeklog Monday, December 09 2019 @ 06:40 pm EST

Geeklog Forums

Security: possible abuse on forum createtopic.php file


Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/05
Posts: 1569
Location:la rochelle, France
I received the following report on a Security Abuse Warning message from our hosting service.

Does anyone have a problem with the forum plugin (Version 2.8.0)?


[---START REPORT---]
top - 19:20:55 up 10 days, 19:56, 0 users, load average: 125.03, 74.06, 34.38
Tasks: 317 total, 2 running, 313 sleeping, 0 stopped, 2 zombie
Cpu(s): 28.0%us, 7.3%sy, 0.0%ni, 64.4%id, 0.3%wa, 0.0%hi, 0.0%si, 0.0%st
Mem: 1048576k total, 995228k used, 53348k free, 0k buffers
Swap: 0k total, 0k used, 0k free, 0k cached

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME COMMAND
11759 hotelier 16 0 348m 20m 10m R 4.3 2.0 0:00.13 php
13472 hotelier 15 0 348m 20m 10m D 3.0 2.0 0:00.11 php
11823 hotelier 15 0 347m 19m 9.8m D 2.0 1.9 0:00.09 php
12187 hotelier 15 0 347m 19m 9.8m D 2.0 1.9 0:00.09 php
11851 hotelier 16 0 0 0 0 Z 1.3 0.0 0:00.20 php <defunct>
12254 hotelier 16 0 346m 17m 9908 D 1.3 1.7 0:00.07 php
13484 hotelier 17 0 275m 11m 8092 S 1.3 1.1 0:00.04 php
13486 hotelier 17 0 275m 11m 8092 S 1.3 1.1 0:00.04 php
13360 hotelier 16 0 319m 24m 10m D 1.0 2.4 0:00.22 php
13458 hotelier 16 0 345m 16m 9768 D 1.0 1.6 0:00.06 php
13487 hotelier 17 0 275m 11m 8092 S 1.0 1.1 0:00.03 php
11365 hotelier 15 0 344m 16m 9236 D 0.7 1.6 0:00.06 php
12071 hotelier 17 0 275m 11m 8092 S 0.7 1.1 0:00.02 php
12120 hotelier 17 0 275m 11m 8092 S 0.7 1.1 0:00.02 php
12133 hotelier 16 0 348m 20m 10m D 0.7 2.0 0:00.13 php
12145 hotelier 16 0 348m 20m 10m D 0.7 2.0 0:00.15 php
13412 hotelier 16 0 0 0 0 Z 0.7 0.0 0:00.24 php <defunct>
13468 root 15 0 15160 1512 1008 R 0.7 0.1 0:00.03 top
19620 mysql 15 0 1792m 292m 6884 S 0.7 28.6 61:14.32 mysqld
11355 hotelier 15 0 348m 20m 10m D 0.3 2.0 0:00.09 php
11428 hotelier 15 0 347m 19m 10m D 0.3 1.9 0:00.12 php
11822 hotelier 15 0 348m 20m 10m D 0.3 2.0 0:00.12 php
12050 hotelier 15 0 347m 19m 10m D 0.3 1.9 0:00.11 php
12052 hotelier 16 0 348m 20m 10m D 0.3 2.0 0:00.12 php
1 root 15 0 19232 1500 1256 S 0.0 0.1 0:02.33 init
1331 root 18 0 50576 8664 2304 S 0.0 0.8 0:00.11 leechprotect
1575 root 18 0 64124 1212 548 S 0.0 0.1 0:00.00 sshd
1583 root 18 0 22100 948 720 S 0.0 0.1 0:00.00 xinetd
3272 root 18 0 95784 1300 644 S 0.0 0.1 0:20.28 crond
5566 nobody 15 0 75440 5616 2040 S 0.0 0.5 0:00.14 httpd
7530 nobody 15 0 75440 5620 2028 S 0.0 0.5 0:00.07 httpd
7574 root 15 0 49452 10m 1640 S 0.0 1.1 0:00.69 tailwatchd
7599 root 18 0 34536 4852 1456 S 0.0 0.5 0:00.97 queueprocd - wa
7673 nobody 15 0 75592 5656 2040 S 0.0 0.5 0:00.04 httpd
7684 nobody 15 0 75496 5684 2032 S 0.0 0.5 0:00.06 httpd
7685 nobody 15 0 75548 5708 2036 S 0.0 0.5 0:00.05 httpd
7686 named 25 0 233m 19m 2584 S 0.0 1.9 0:03.38 named
7692 nobody 15 0 75488 5676 2028 S 0.0 0.5 0:00.04 httpd
7736 root 15 0 14768 788 580 S 0.0 0.1 0:00.10 dovecot
7737 root 15 0 21852 1220 956 S 0.0 0.1 0:00.10 dovecot-auth
7754 root 15 0 114m 1912 1288 S 0.0 0.2 0:00.19 pure-ftpd
7755 dovecot 16 0 37012 2648 2024 S 0.0 0.3 0:00.00 pop3-login
7756 dovecot 15 0 37012 2644 2024 S 0.0 0.3 0:00.01 pop3-login
7757 dovecot 15 0 37028 2668 2040 S 0.0 0.3 0:00.00 imap-login
7758 dovecot 15 0 37028 2676 2040 S 0.0 0.3 0:00.03 imap-login
7760 root 16 0 112m 1736 1296 S 0.0 0.2 0:00.03 pure-authd
7763 nobody 15 0 75448 5576 2020 S 0.0 0.5 0:00.01 httpd
7821 root 33 18 27076 2972 776 S 0.0 0.3 0:00.03 cpanellogd - sl
7823 mailnull 15 0 69444 1472 724 S 0.0 0.1 0:00.13 exim
7843 nobody 15 0 75472 5544 2024 S 0.0 0.5 0:00.01 httpd
7858 root 18 0 152m 47m 3044 S 0.0 4.6 0:02.80 /usr/local/cpan
7906 nobody 15 0 75428 5444 1980 S 0.0 0.5 0:00.02 httpd
7907 root 15 0 158m 53m 3180 S 0.0 5.2 0:09.24 spamd child
7908 nobody 15 0 75428 5468 1980 S 0.0 0.5 0:00.00 httpd
7909 nobody 15 0 75444 5552 2020 S 0.0 0.5 0:00.02 httpd
7911 nobody 15 0 75456 5516 2024 S 0.0 0.5 0:00.02 httpd
7912 nobody 15 0 75428 5564 2036 S 0.0 0.5 0:00.05 httpd
7913 nobody 15 0 75436 5448 1980 S 0.0 0.5 0:00.02 httpd
7914 nobody 15 0 75312 5444 1984 S 0.0 0.5 0:00.02 httpd
7954 root 18 0 21500 664 472 S 0.0 0.1 0:00.00 atd
8048 nobody 15 0 75440 5576 2028 S 0.0 0.5 0:00.02 httpd
8066 nobody 15 0 75440 5448 1968 S 0.0 0.5 0:00.02 httpd
8068 nobody 15 0 75312 5428 1968 S 0.0 0.5 0:00.02 httpd
8086 nobody 18 0 75312 5364 1944 S 0.0 0.5 0:00.00 httpd
8087 nobody 15 0 75452 5616 2036 S 0.0 0.5 0:00.04 httpd
-bash-4.1# ps aufx
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.1 19232 1500 ? Ss Jul30 0:02 init
root 1575 0.0 0.1 64124 1212 ? Ss Jul30 0:00 /usr/sbin/sshd
root 1583 0.0 0.0 22100 948 ? Ss Jul30 0:00 xinetd -stayalive -pidfile /var/run/xinetd.pid
root 3272 0.0 0.1 95784 1300 ? Ss Jul30 0:20 crond
root 13326 0.0 0.5 75172 6208 ? Ss Aug08 0:09 /usr/local/apache/bin/httpd -k restart -DSSL
root 1331 0.0 0.8 50576 8664 ? S 19:05 0:00 \_ /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect
nobody 5566 0.0 0.5 75440 5616 ? S 19:11 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 13338 0.0 0.3 75440 3608 ? D 19:20 0:00 | \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 7530 0.0 0.5 75440 5620 ? S 19:14 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
ecologie 9421 0.0 0.2 154060 2960 ? D 19:16 0:00 | \_ /usr/bin/php /home/ecologie/public_html/mediagallery/postcard.php
nobody 7673 0.0 0.5 75592 5656 ? S 19:14 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 13504 0.0 0.3 75592 3640 ? D 19:20 0:00 | \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 7684 0.0 0.5 75496 5684 ? S 19:14 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11903 0.2 2.4 361360 25388 ? S 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 7685 0.0 0.5 75548 5708 ? S 19:14 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
root 11964 0.0 0.0 11956 760 ? D 19:19 0:00 | \_ /opt/suphp/sbin/suphp
nobody 7692 0.0 0.5 75488 5676 ? S 19:14 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
root 12229 0.0 0.0 464 12 ? D 19:20 0:00 | \_ [suphp]
nobody 7763 0.0 0.5 75448 5580 ? S 19:14 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
root 13537 0.0 0.1 14248 1376 ? D 19:21 0:00 | \_ /opt/suphp/sbin/suphp
nobody 7843 0.0 0.5 75472 5544 ? S 19:14 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12237 0.0 0.0 85304 664 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 7906 0.0 0.5 75428 5448 ? S 19:14 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13505 0.5 1.1 347356 11948 ? Sl 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/index.php
nobody 7908 0.0 0.5 75428 5468 ? S 19:14 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
ecologie 12152 0.4 2.3 360576 24936 ? S 19:20 0:00 | \_ /usr/bin/php /home/ecologie/public_html/forum/createtopic.php
nobody 7909 0.0 0.5 75444 5552 ? S 19:14 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12287 0.0 0.1 14192 1528 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 7911 0.0 0.5 75456 5516 ? S 19:14 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12090 0.0 0.0 10956 20 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 7912 0.0 0.5 75428 5564 ? S 19:14 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12116 0.0 0.0 10956 20 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 7913 0.0 0.5 75436 5448 ? S 19:14 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13522 0.7 1.1 281820 11944 ? Sl 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 7914 0.0 0.5 75312 5444 ? S 19:14 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12006 0.0 0.0 10956 16 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 8048 0.0 0.5 75440 5576 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11963 0.0 0.0 10956 16 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 8066 0.0 0.5 75440 5448 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
cordiste 13524 0.6 1.1 281820 11944 ? S 19:20 0:00 | \_ /usr/bin/php /home/cordiste/public_html/users.php
nobody 8068 0.0 0.5 75312 5428 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11704 0.0 0.0 131640 832 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 8086 0.0 0.5 75312 5364 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11602 0.0 1.0 273624 11436 ? D 19:18 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 8087 0.0 0.5 75452 5616 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12056 0.2 2.4 361360 25336 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 8093 0.0 0.5 75424 5444 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12272 0.0 0.0 11020 180 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 8094 0.0 0.5 75452 5612 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13495 0.2 1.0 273624 11440 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 8098 0.0 0.5 75440 5464 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13398 0.2 1.0 273624 11432 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 8161 0.0 0.5 75440 5580 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13385 0.1 1.1 347356 11968 ? Sl 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/memberlist.php
nobody 8180 0.0 0.5 75448 5444 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
ecologie 12270 0.0 1.1 281820 11948 ? S 19:20 0:00 | \_ /usr/bin/php /home/ecologie/public_html/forum/createtopic.php
nobody 9218 0.0 0.5 75440 5584 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 13466 0.0 0.3 75440 3584 ? D 19:20 0:00 | \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 9219 0.0 0.5 75448 5476 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12269 0.1 1.1 281820 11944 ? S 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/profiles.php
nobody 9221 0.0 0.5 75448 5452 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11771 0.0 0.1 154060 1700 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9251 0.0 0.5 75444 5416 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
geeklog 9435 0.0 1.0 273624 11436 ? D 19:16 0:00 | \_ /usr/bin/php /home/geeklog/public_html/forum/index.php
nobody 9252 0.0 0.5 75312 5420 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13536 0.0 0.1 14192 1524 ? D 19:21 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9253 0.0 0.5 75440 5460 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
root 12080 0.0 0.0 468 100 ? D 19:19 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9254 0.0 0.5 75440 5500 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13487 0.3 1.1 347356 11952 ? Sl 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/captcha/captcha.php
nobody 9255 0.0 0.5 75444 5488 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12175 0.0 0.0 10956 20 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9256 0.0 0.5 75448 5440 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13527 0.6 1.1 281820 11944 ? S 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9257 0.0 0.5 75432 5580 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11904 0.0 0.0 10956 16 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 9359 0.0 0.5 75448 5452 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
ecologie 11917 0.0 0.1 14192 1528 ? D 19:19 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9366 0.0 0.5 75440 5576 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12277 0.0 0.2 154060 2728 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 9378 0.0 0.5 75312 5432 ? S 19:15 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13413 0.0 0.1 14192 1524 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9456 0.0 0.5 75432 5440 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13461 0.0 0.2 154060 2684 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9475 0.0 0.5 75444 5448 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 9478 0.0 0.5 75444 5456 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12070 0.0 0.0 82892 644 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 9479 0.0 0.5 75440 5428 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
ecologie 11767 0.1 2.0 357440 21976 ? D 19:19 0:00 | \_ /usr/bin/php /home/ecologie/public_html/users.php
nobody 9500 0.0 0.5 75432 5412 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11849 0.0 1.0 273624 11440 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 9505 0.0 0.5 75308 5400 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
root 11314 0.0 0.0 11956 1028 ? D 19:18 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9506 0.0 0.5 75444 5452 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
root 13404 0.0 0.0 464 28 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9507 0.0 0.5 75432 5408 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11305 0.0 1.9 356292 20240 ? D 19:18 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9508 0.0 0.5 75440 5556 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13340 0.9 2.6 440964 28272 ? S 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 9533 0.0 0.5 75312 5424 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13470 0.1 1.1 347356 11952 ? Sl 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9561 0.0 0.5 75308 5424 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 13465 0.0 0.3 75308 3484 ? D 19:20 0:00 | \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 9562 0.0 0.5 75432 5424 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
ecologie 13411 0.0 0.4 154004 4472 ? D 19:20 0:00 | \_ /usr/bin/php /home/ecologie/public_html/index.php
nobody 9593 0.0 0.5 75312 5384 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11823 0.1 2.3 360840 24864 ? S 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 9594 0.0 0.5 75448 5432 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
ecologie 12144 0.0 0.9 240064 10252 ? D 19:20 0:00 | \_ /usr/bin/php /home/ecologie/public_html/404.php
nobody 9597 0.0 0.5 75432 5436 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13409 0.0 0.0 78600 612 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9598 0.0 0.5 75432 5568 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 13462 0.0 0.3 75432 3564 ? D 19:20 0:00 | \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 9599 0.0 0.5 75448 5460 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
ecologie 11943 0.0 0.0 136288 872 ? D 19:19 0:00 | \_ /usr/bin/php /home/ecologie/public_html/wiki/doku.php
nobody 9608 0.0 0.5 75444 5432 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13494 0.2 1.0 240328 10736 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 9609 0.0 0.5 75444 5436 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12004 0.0 0.0 10956 20 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9611 0.0 0.4 75312 5232 ? D 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 9612 0.0 0.5 75432 5568 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13407 0.0 0.0 66736 532 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9613 0.0 0.5 75312 5428 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 9615 0.0 0.5 75444 5580 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 13463 0.0 0.3 75444 3584 ? D 19:20 0:00 | \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 9617 0.0 0.5 75440 5448 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13523 0.5 1.1 281820 11940 ? S 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9618 0.0 0.5 75448 5432 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
ecologie 11824 0.0 1.3 350252 13736 ? D 19:19 0:00 | \_ /usr/bin/php /home/ecologie/public_html/forum/viewtopic.php
nobody 9737 0.0 0.5 75444 5428 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 13420 0.0 0.3 75444 3488 ? D 19:20 0:00 | \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 9751 0.0 0.5 75312 5400 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12261 0.1 1.0 240592 11204 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/profiles.php
nobody 9753 0.0 0.5 75312 5376 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
root 13406 0.0 0.0 12012 764 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9754 0.0 0.5 75312 5428 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12201 0.0 1.1 347356 11976 ? Sl 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9756 0.0 0.5 75312 5396 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11898 0.0 1.1 281820 11948 ? Sl 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9757 0.0 0.5 75312 5424 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13516 0.0 0.1 14192 1452 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9758 0.0 0.5 75308 5424 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12207 0.0 0.0 10956 20 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9759 0.0 0.5 75424 5488 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13459 0.0 0.3 154060 3912 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9827 0.0 0.5 75448 5444 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
ecologie 11997 0.0 1.0 273624 11436 ? D 19:19 0:00 | \_ /usr/bin/php /home/ecologie/public_html/profiles.php
nobody 9830 0.0 0.5 75312 5416 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12284 0.0 1.0 273624 11436 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9831 0.0 0.5 75308 5420 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13511 0.0 0.1 14192 1524 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9835 0.0 0.5 75444 5424 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12222 0.0 1.0 273624 11436 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9836 0.0 0.5 75312 5416 ? D 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12224 0.4 0.0 0 0 ? Z 19:20 0:00 | \_ [php] <defunct>
nobody 9837 0.0 0.5 75312 5424 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13400 0.2 1.1 347356 11968 ? Sl 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9838 0.0 0.5 75312 5448 ? S 19:16 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13352 0.0 0.1 14192 1520 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9853 0.0 0.4 75312 5240 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 10137 0.0 1.9 356292 20380 ? D 19:17 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9854 0.0 0.5 75308 5412 ? D 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11571 0.1 0.0 0 0 ? Z 19:18 0:00 | \_ [php] <defunct>
nobody 9855 0.0 0.5 75448 5452 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13414 0.0 0.1 14192 1532 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9856 0.0 0.5 75312 5432 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 13499 0.0 0.3 75312 3668 ? D 19:20 0:00 | \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 9858 0.0 0.5 75432 5592 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11636 0.0 0.7 159360 7548 ? D 19:18 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9859 0.0 0.5 75312 5388 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12139 0.0 1.0 240592 11188 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9860 0.0 0.5 75436 5452 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 13476 0.0 0.3 75436 3488 ? D 19:20 0:00 | \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 9869 0.0 0.5 75312 5436 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13401 0.2 1.0 273624 11436 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9870 0.0 0.5 75476 5552 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
root 13519 0.0 0.1 12088 1232 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9871 0.0 0.5 75444 5420 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12271 0.0 0.1 14192 1520 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9872 0.0 0.5 75440 5580 ? D 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13458 1.5 0.0 0 0 ? Z 19:20 0:00 | \_ [php] <defunct>
nobody 9873 0.0 0.5 75464 5536 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12067 0.1 1.9 356292 20392 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9874 0.0 0.5 75444 5456 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
ecologie 11999 0.0 0.1 14192 1528 ? D 19:19 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9876 0.0 0.5 75444 5452 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 9879 0.0 0.5 75312 5380 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12007 0.0 0.2 154060 3144 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 9880 0.0 0.5 75444 5444 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
root 12285 0.0 0.0 464 20 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9881 0.0 0.5 75432 5432 ? D 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12133 0.3 0.0 0 0 ? Z 19:20 0:00 | \_ [php] <defunct>
nobody 9882 0.0 0.5 75424 5408 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
root 12238 0.0 0.0 464 20 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9883 0.0 0.5 75308 5360 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11303 0.0 1.0 273624 11524 ? D 19:18 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 9884 0.0 0.5 75308 5412 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13510 0.0 0.1 14192 1524 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9961 0.0 0.5 75312 5412 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
root 13518 0.0 0.1 12088 1112 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9983 0.0 0.5 75312 5420 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 9986 0.0 0.5 75448 5428 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
ecologie 12005 0.0 0.1 14192 1524 ? D 19:19 0:00 | \_ /opt/suphp/sbin/suphp
nobody 9995 0.0 0.5 75420 5548 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 9996 0.0 0.5 75460 5552 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11312 0.0 1.1 281820 11940 ? S 19:18 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 9997 0.0 0.5 75312 5424 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11944 0.0 0.9 239932 10228 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 9998 0.0 0.5 75312 5360 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13517 0.0 0.1 14192 1488 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 10010 0.0 0.4 75312 5240 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11517 0.0 0.7 171516 7828 ? D 19:18 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 10011 0.0 0.5 75312 5416 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 13422 0.0 0.3 75312 3476 ? D 19:20 0:00 | \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 10012 0.0 0.5 75312 5376 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 10113 0.0 0.4 154060 4380 ? D 19:17 0:00 | \_ /usr/bin/php /home/hotelier/public_html/captcha/captcha.php
nobody 10013 0.0 0.5 75476 5480 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 10014 0.0 0.5 75444 5436 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12143 0.0 0.0 10956 16 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 10015 0.0 0.5 75448 5440 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13410 0.2 0.9 239932 10068 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 10017 0.0 0.5 75440 5516 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13507 5.0 2.6 440964 28272 ? S 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 10142 0.0 0.5 75444 5420 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13460 0.0 0.0 126388 800 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/captcha/captcha.php
nobody 10155 0.0 0.5 75312 5424 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12276 0.0 0.7 225776 8116 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 10156 0.0 0.5 75432 5424 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13497 0.0 0.0 13288 208 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 10206 0.0 0.5 75312 5412 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12278 0.1 1.1 347356 11956 ? Sl 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/captcha/captcha.php
nobody 10210 0.0 0.5 75444 5388 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13363 0.0 0.1 14192 1528 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 10211 0.0 0.5 75440 5436 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12254 0.5 2.3 360844 24864 ? S 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 10219 0.0 0.5 75312 5420 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 13368 0.0 0.3 75312 3488 ? D 19:20 0:00 | \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 10220 0.0 0.5 75460 5544 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 10222 0.0 0.5 75312 5408 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
root 12104 0.0 0.1 12088 1232 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 10223 0.0 0.5 75432 5428 ? S 19:17 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13525 1.3 1.1 281820 11944 ? S 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 11309 0.0 0.5 75312 5388 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12142 0.0 0.0 10956 16 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 11318 0.0 0.5 75432 5428 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 13467 0.0 0.3 75432 3488 ? D 19:20 0:00 | \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 11319 0.0 0.4 75312 5240 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11365 0.1 2.4 361360 25384 ? S 19:18 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 11325 0.0 0.5 75312 5412 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13415 0.0 0.1 14192 1524 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 11326 0.0 0.5 75312 5412 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11855 0.0 0.0 13288 188 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/index.php
nobody 11327 0.0 0.5 75444 5476 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13526 0.6 1.1 281820 11944 ? S 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 11328 0.0 0.5 75444 5424 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12275 0.0 0.1 14192 1476 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 11340 0.0 0.5 75428 5552 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11795 0.0 0.9 240064 10272 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 11342 0.0 0.5 75312 5420 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 13314 0.0 0.0 312 4 ? D 19:20 0:00 | \_ [suphp]
nobody 11343 0.0 0.5 75444 5420 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 13503 0.0 0.3 75444 3480 ? D 19:20 0:00 | \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 11344 0.0 0.5 75312 5400 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12001 0.0 1.0 273624 11476 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 11345 0.0 0.5 75312 5432 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13386 0.1 1.0 273624 11440 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 11346 0.0 0.5 75312 5404 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 11622 0.0 1.1 281820 11944 ? S 19:18 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 11347 0.0 0.5 75312 5416 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13496 0.1 0.7 213780 8048 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 11348 0.0 0.5 75312 5416 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13362 0.1 1.0 273624 11440 ? D 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 11385 0.0 0.5 75312 5412 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 11998 0.0 0.3 75312 3664 ? D 19:19 0:00 | \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 11406 0.0 0.5 75432 5492 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12003 0.0 0.0 10956 16 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 11453 0.0 0.5 75308 5404 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12286 0.0 1.1 347356 11956 ? Sl 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 11462 0.0 0.5 75312 5396 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13484 0.5 1.1 347356 11952 ? Sl 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 11463 0.0 0.5 75312 5436 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13341 0.1 1.1 347356 11972 ? Sl 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 11473 0.0 0.5 75448 5400 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
ecologie 12273 0.0 0.7 171516 7756 ? D 19:20 0:00 | \_ /usr/bin/php /home/ecologie/public_html/profiles.php
nobody 11474 0.0 0.5 75312 5392 ? S 19:18 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13486 2.2 2.4 361360 25384 ? S 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 12018 0.0 0.5 75308 5412 ? S 19:19 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
nobody 12026 0.0 0.5 75312 5376 ? S 19:19 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
root 12242 0.0 0.0 464 20 ? D 19:20 0:00 | \_ /opt/suphp/sbin/suphp
nobody 12027 0.0 0.4 75312 5240 ? S 19:19 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12052 0.3 2.7 441480 28784 ? S 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
nobody 12032 0.0 0.5 75312 5380 ? S 19:19 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13506 8.6 3.4 446512 36216 ? S 19:20 0:00 | \_ /usr/bin/php /home/hotelier/public_html/index.php
nobody 12033 0.0 0.5 75312 5264 ? S 19:19 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 12073 0.1 1.8 355776 19864 ? D 19:19 0:00 | \_ /usr/bin/php /home/hotelier/public_html/404.php
nobody 12034 0.0 0.5 75312 5400 ? S 19:19 0:00 \_ /usr/local/apache/bin/httpd -k restart -DSSL
hotelier 13383 0.2 1.1 347356 11964 ? Sl 19:20 0:00 \_ /usr/bin/php /home/hotelier/public_html/forum/createtopic.php
mysql 19620 2.9 28.5 1835008 299536 ? Sl Aug09 61:14 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --user=mysql --log-error=/var/lib/mysql/server.hostellerie.org.err --open-files-limit=11718 --pid-file=/var/lib/
root 7574 0.0 1.0 49452 11156 ? S 10:35 0:00 tailwatchd
root 7599 0.0 0.4 34536 4852 ? S 10:35 0:00 queueprocd - wait to process a task
named 7686 0.0 1.8 239436 19808 ? Ssl 10:35 0:03 /usr/sbin/named -u named
root 7736 0.0 0.0 14768 788 ? Ss 10:35 0:00 /usr/sbin/dovecot
root 7737 0.0 0.1 21852 1220 ? S 10:35 0:00 \_ dovecot-auth
dovecot 7755 0.0 0.2 37012 2648 ? S 10:35 0:00 \_ pop3-login
dovecot 7756 0.0 0.2 37012 2644 ? S 10:35 0:00 \_ pop3-login
dovecot 7757 0.0 0.2 37028 2668 ? S 10:35 0:00 \_ imap-login
dovecot 7758 0.0 0.2 37028 2676 ? S 10:35 0:00 \_ imap-login
root 7754 0.0 0.1 117252 1912 ? Ss 10:35 0:00 pure-ftpd (SERVER)
root 7760 0.0 0.1 114740 1736 ? S 10:35 0:00 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth
root 7821 0.0 0.2 27076 2972 ? SN 10:35 0:00 cpanellogd - sleeping for logs
mailnull 7823 0.0 0.1 69444 1472 ? Ss 10:35 0:00 /usr/sbin/exim -bd -q60m
root 7858 0.0 4.6 156520 48520 ? Ss 10:35 0:02 /usr/local/cpanel/3rdparty/perl/514/bin/spamd -d --allowed-ips=127.0.0.1 --pidfile=/var/run/spamd.pid --max-children=3 --max-spare=1
root 7907 0.0 5.1 162188 54296 ? S 10:36 0:09 \_ spamd child
root 9979 0.0 1.3 97164 13948 ? S 10:41 0:00 cpsrvd (SSL) - waiting for connections
root 7954 0.0 0.0 21500 664 ? Ss 14:29 0:00 /usr/sbin/atd
root 13370 0.0 0.0 10444 380 ? Ss 19:20 0:00 vzctl: pts/0
root 13371 0.0 0.1 86840 1860 pts/0 Ss 19:20 0:00 \_ -bash
root 13534 1.0 0.1 89112 1472 pts/0 R 19:20 0:00 \_ ps aufx
[---END REPORT---]

I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/05
Posts: 1384
No. I get a lot of spammers and such trying to hack createtopic.php (along with users.php from Geeklog) in my logs but Geeklog along with a modified version of the ban plugin keeps them out.

I am not sure what this report is trying to show? Are your hosts saying to many visitors are trying to access the forum?
One of the Geeklog Core Developers.
 Quote

Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/05
Posts: 1569
Location:la rochelle, France
They say my account overload server by apache and php process.

I will ask them to unsuspended our server and I will check if anti spammers scripts are installed and running on this Geeklog site.

Thanks for the feedback Tom.

Ben
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

ironmax

Anonymous
Quote by: ::Ben

They say my account overload server by apache and php process.

I will ask them to unsuspended our server and I will check if anti spammers scripts are installed and running on this Geeklog site.

Thanks for the feedback Tom.

Ben



Ben,

Read this post on ZBBLOCK, and see if it can help you.

Michael
 Quote

Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/05
Posts: 1569
Location:la rochelle, France
Thanks Mickael for the link.

I just installed bad behavior plugin to see if this script will solve my problem.

Tom, do you think Ban plugion can do something for me?

Ben
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/05
Posts: 1384
The current release of the Ban Plugin just allows you to ban IPs manually.

I have a modified version that works with the GUS plugin to ban ips if they misbehave after a certain time period based on a few criteria. You can also whitelist ips and ban ips for only a certain period of time. It also is compatible with the StopForumSpam database and blocks any of those ips accessing your site if you want.

It's not quite ready for primetime yet but I can send it to you if you want.

Ironmax's recommendation of ZBBlock is good as well, is fast and it works fine with Geeklog. I have it installed on a site right now. ZBBlock can get a little to carried away sometime though and may block real people if they happen to come from a bad neighbourhood (IP wise).

The Bad behaviour 2 plugin works as well though I currently have it uninstalled because it was blocking Google's Rich Snippets testing tool. (it still is installed on Geeklog.net)

My Modified Ban plugin is not nearly as aggressive as the others and only looks for certain situations before banning ips. A lot will get by it but it works for my situations. I am planning to release it at some point to the public but I was hoping to clean it up a little and allow people to add their own rules if needed. I was also hoping to find the IP ranges of countries like China and block those to completely if the user wanted (make it similar to ZBBlock).



One of the Geeklog Core Developers.
 Quote

Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/05
Posts: 1569
Location:la rochelle, France
allow people to add their own rules if needed
This would be a nice feature.

Please Tom, can you send me a copy of your modified ban plugin.

I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/05
Posts: 1384
Will do.

The current rules I have setup is that it bans an ip after it uses so X many user agents in a given time period (it uses the GUS data to keep track of this so it needs to be installed as well). I found that the spammers targeting createtopic and users files would keep switching up the user agent (the type of browser). You do have to be careful with settings since you don't want to ban Google (which uses about 6 different user agents), etc. which isn't to bad because most of the spammers used 20 or more.

A few things still need to be improved:

Right now the rules are hard coded. I had plans to make this db or file driven. (whatever is faster)

I also need to take out the log viewer (since Geeklog 2.1.0 will ship with one)

The StopForumSpam Database file also needs to be manually updated. I had plans to have this automatically downloaded every few days.

and probably a few other things.

One of the Geeklog Core Developers.
 Quote

Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/05
Posts: 1569
Location:la rochelle, France
A rule I would need: If create a forum topic is set for logged-in user only, ban the user on second or third attempt.

Ben
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/05
Posts: 1384
Hi Ben,

I updated the Google Geeklog Repository with the Ban Plugin version 2.0.0

http://code.google.com/p/geeklog/source/list?repo=ban

Disclaimer: Smile This is still unreleased and not tested 100% so install at your own risk and backup your site first. Database changes could still happen in this version and updates will only be available from version 1.0.3

Now that is out of the way, it should install and upgrade fine and I have been using this code for a number of months now (I haven't had time to finish it) without any issues.

You should have the latest Gus plugin installed and you should look at the ban config file to see all the config options (I hope to move this to the Geeklog Configuration at some point). It is currently set to the config options I use.

The Stop Forum Spam file also will need to be manually updated about once a week (located under the plugins/ban/files directory. The new file can be found here http://www.stopforumspam.com/downloads/ and is the first file in the list called "All IPs in CSV (one line, comma seperated)". This will auto ban any ip listed in the file. At some point I want to be able to automatically download this file or at least allow the user to download it through the ban admin interface.

The rules I have setup are located in the functions.php under the ban_check function. If you want to add your own rules you will need to add them at the end of the function. At some point I want to move the rules to a separate directory and files. Each rule would have it's own file that if found would be loaded in. This way a webmaster could easily add and remove the rules.

IPs can now also be banned temporarily (short, medium, long timeframe) and you also can now whitelist ips.

The ban plugin should be at or near the top of the plugin load order.

If you want to work on any of the issues I have mentioned Ben you are more than welcome to add to the plugin. I do believe you have commit access at the Geeklog Repository on Google.

Keep me updated on your progress with the plugin.

Tom
One of the Geeklog Core Developers.
 Quote

Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/05
Posts: 1569
Location:la rochelle, France
Thanks Tom I will look at this.

Ben
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

Status: offline

joelbarrios

Forum User
Junior
Registered: 03/05/04
Posts: 22
Location:Mexico
I have choosed a different approach to handle this.

In my website I have choosed to allow anonymous users to access posts, but login is needed to create new posts. That allows anonymous users to see posts AND to access memberlist.php. I think that file should not be allowed to anonymous users because someway the spambots "see" the Email form button and then try to email every user in the list. Like honey to bees.

The approach I applied was to deny access to memberlist.php to anonymous users.

I edited memberslist.php. Removed/commented the following:

PHP Formatted Code
//Check is anonymous users can access
forum_chkUsercanAccess();

$display = '';


Replaced with:

PHP Formatted Code
//Check is anonymous users can see memberslist.php.
// Appplying the same policy as if anonymous can post.
if ($CONF_FORUM['registered_to_post'] && $_USER['uid'] < 2) {
    $url = $_CONF['site_url']. '/users.php?mode=new';
    $display = COM_siteHeader();
    $display .= COM_startBlock($LANG_GF00['access_denied']);
    $display .= '<br' . XHTML . '>' .$LANG_GF01['loginreqpost']. '<p>';
//    $display .= '<meta http-equiv="refresh" content="5; URL=' .$url. '">';
    $display .= COM_endBlock();
    $display .= COM_siteFooter();
    COM_output($display);
    exit;
}


If a spambot access memberlist.php, it shows an access denied to anonymous users page. You may optionallly refresh after 5 seconds to a users.php?mode=new with a captcha. I chose touse a plain access denied page. That means spambots do not even try to register.

Since there is no more a huge list of +4700 users with "Email" buttons, it stopped being attractive to spambots. I don't think the registered users have ever used memberlist.php. As far as I can see, my registered do not even know memberlist.php do exist.

If I wanted to create a "honey pot" trap, memberlist.php would be the perfect target.
-- http://www.AlcanceLibre.org/ La libertad del conocimiento al alcance de quien la busca.
 Quote

All times are EST. The time is now 06:40 pm.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content