Malware/Adware on site deployed on AWS Elasticbeanstalk - amazon-web-services

I guess the title says it all.
I noticed some ads were popping up on a client's site we are currently developing. It only shows on this particular site. Not any other site. It is very annoying to put it mildly.
I thought removing it would be as easy as setting up a new environment on ElasticBeanstalk for it. I was wrong!
I have started a fresh instance for the application, scanned the project folder for malware before deploying, emptied the content of s3 bucket for static files. All these made no difference. The adware/malware is still there.
It has been driving me nuts for the past few days. Does anyone know how to resolve this kind of problem?

Mark B pointed me in the right direction.
I used inspect element to check the network processes of pages showing the Malware/Adware. It was after this i noticed a few asynchronous posts going to http://api.adsrun.net/post. Of course, i'm not making any post calls to this link. So i decided to inspect my JavaScript files as seen in View Page Source. Fortunately, it was in the last few lines of the second file i inspected. Immediately i deleted this file, normalcy returned to my web application.
It has been a very frustrating several hours. Thanks once again, Mark B for your suggestion.

Related

Postman Collection Runner runs stale request. Solution?

A couple of days ago, I ran a collection of two requests in Postman.
I was using an environment variable created in the first request which was then
used in the second request.
I ran the two requests manually in the primary application interface of
Postman, one by one. The responses were as expected and there were no errors.
But when I tried running the whole collection in one go from the Postman
Collection Runner interface, the second request gave me an error.
I checked and double-checked that I was running the right collection. I closed
and reopened the Collection Runner window.
Also, in the Collection Runner window I tried switching to some other
collection, and then switch back to the collection of interest.
As I remember it, I even exported, deleted, and then imported the collection
again. None of these actions would make the error go away.
One thing I noticed was that - when running in the Postman Collection Runner -
the first request would create an environment variable with a stale name,
that is with a name I had used previously for the same environment variable.
However, when running the first request manually (not in the Collection Runner
window), the environment variable was created under its new correct name.
I cannot reproduce this behavior, and therefore I don't expect to see a genuine
solution to the issue. But a workaround would be much appreciated.
In vain I had tried just about anything I could think of.
Then I found a post at the Postman community on
How to remove some or all requests from the history.
See the second post of the link ( = first answer ). It says:
"There is also a Clear All selection at the top of the History section if
you want to remove everything."
In the Postman primary interface, just click
History > Ellipsis (...) > Clear all.
VoilĂ ! - No error when running the collection in the Collection Runner window.
For navigation help, see the images below.

How to get Apache Superset to run on a specified path

I am running Apache Superset at the following address:
http://superset.example.com:8088
That gets redirected to:
http://superset.example.com:8088/superset/welcome
Ideally, users would get redirected to:
http://superset.example.com:8088/welcome
How can that be accomplished? As well I would like for it to run under port 80 so the port doesn't need to be specified but I haven't been able to do that either.
This issue covers what you're talking about:
https://github.com/apache/incubator-superset/issues/985
which led to this closed PR:
https://github.com/apache/incubator-superset/pull/1866
You can try to reopen the PR and finish it, or you can try configuring nginx like this guy suggests.
I found it very frustrating to setup a base url for superset. If you want to save some time, I condensed a couple of comments into a working example here: https://github.com/komoot/superset-reverse-nginx-example
Below is the way I eventually made it to run on an endpoint other than '/'. But my use case is to make it work on AWS Lambda in Serverless environment.
Eventually what i did was the below to make it work:
In config.py i have added another configuration variable and used this variable in locations where redirect or appbuilder.add_link has been used.
In templates folder there are places where directly '/superset/' has been used. So, even if i did first step right, the templates are not rendering in right way. So, i have to go and change the template as well (As of now I have hard-coded this. I need to make it configurable)
In front-end i have added a file called config.ts and I have used this config in locations wherever redirect was done in front-end. This has fixed up all my front-end links.
Only thing remaining for me was fixing "Upload CSV to Database" Link. When we click this link and enter the data, since Lambda doesn't allow any writes i tried to write to /tmp - but since we don't know whether the next request is going to be served by same lambda or not... so this is an issue as of now. The way I am planning to fix this is to write the files to s3 instead of local folder. I am still figuring out a way to do this.
-- No more nginx or other links. We don't even need gunicorn in this setup.
Thanks

How to find AWS Docker Repo

I went here and started on the first task which is to create a registry. I later closed my browser and when I go back to that page, I just get the homepage again and if I start that wizard, it acts as if I've never done it before and forces me to create a new repository.
How the heck do I get back to the repository I created initially and then how can I continue on with this wizard to the next steps with that repo? Or do I lose the repo entirely until I get through all steps in this wizard? Where the heck did my repo go? It says it exists but where? How do I get to back to that repo on the AWS control panel?
https://console.aws.amazon.com/ecs/home?region=us-east-1#/repositories
no? I couldn't comment instead of posting as answer due to insufficient reputation, sorry for that.

About Sitecore Backup

I am trying to backup a whole Sitecore website.
I know that the package designer can do part of the job, but not entirely.
Having a backup is always a good way when the site is broken accidently.
Is there a way or a tool to backup the whole Sitecore website?
I am new to the Sitecore, so any advise is welcome.
Thank you!
We've got a SQL job running to back-up the databases nightly.
Apart from that, when I deploy code and it's a small bit I usually end up backing up only the parts I'm going to replace. If it's a big code deploy I just back up the whole website (code-wise anyway) before deploying the code package.
Apart from that we also run scheduled backups of the code (although I don't know the intervals), and of course we've got source control if everything else fails.
If you've got an automated deployment tool you could also automate the above of course.
Before a major deploy of content or code, I typically backup the master database and zip everything in the website directory minus the App_Data and temp directories. That way if the deploy goes wrong, I can restore the code and database fairly quickly and be back to the previous state.
I have no knowledge of a tool that can do this for you, but there are a few ways you can handle this in an easy way:
1) you can create a database backup of the master database, but this only contains content and no files like media files that are saved on disk or your complete and build solution. It is always a good idea to schedule your database backup every night and save the backups for at least a week or more.
2) When you use the package designer, you can create dynamic pacakges that can contain all your content, media files and solution files on disk. This is an easy way to deploy the site onto a new Sitecore installation all at once, but it requires a manual backup every time.
3) Another way you can use is to serialize your entire content-tree to an xml-format on disk from the Developer tab. Once serialized, you can revert them back into the content tree.
I'd suggest thinking of this in two parts, the first part is backing up the application which is a simple as making sure your application is in some SCM system.
For that you can use Team Development for Sitecore. One of it's features allows you to connect a Visual Studio project to your Sitecore instance.
You can select Sitecore items that you want to be stored in your solution and it will serialize them and place them into your solution.
You can then check them into your SCM system and sleep easier.
The thing to note is deciding which item to place in source control, generally you can think of Sitecore items has developer owned and Content Editor owned. The items you will place in your solution are the items that are developer owned; templates, sublayouts, layouts, and content items that you need for the site to function are good examples.
This way if something goes bad a base restoration is quick and easy.
The second part is the backup of the content in Sitecore that has been added since your deployment. For that like Trayek said above use a SQL job to do the back-ups at whatever interval your are comfortable with.
If you're bored I have a post on using TDS (Team Development for Sitecore) you can check out at Working with Sitecore, Part Nine: TDS
Expanding bit more on what Trayek said, my suggestion would be to have a Continuous Integration (CI) and have automated deploy using Team City.
A good answer is also given here on Stack Overflow.
Basically in your case Teamcity would automatically
1. take back up of the current website (i.e. code) and deploy the new code on top of it.
2. Scripts can also be written to take a differential backup of the SQL databases, if need be.
Hope this helps.
Take a look at Sitecore Instance Manager module. Works really well for packaging entire Sitecore instance.

Coldfusion 8 scheduled task not running?

I started a job as a web developer at a company a few months ago managing a bunch of Coldfusion applications among other things. Apparently a scheduled task was set up many years ago, and worked fine until it stopped working under one of the previous web developers, a couple of years ago. No one knows why it stopped working, but it is now my job to fix it. This is my first job as a web developer, I didn't know CF when I started my job (barely knew it existed), and I only started learning about scheduled tasks this morning, so just know that I am a total newbie.
The file is a basic one- it just updates a table in the database. If you run the URL in the browser (which is what they have been doing for the past couple of years), it runs fine, and everything is updated. The scheduled task, which was set to run every night, has not been updating the file. I've tried turning on the log in CF Admin, setting it to run at various times this morning, and also just telling it to run manually, and according to the log, it is executing (with no errors), but the file is not being updated. I tried commenting out most of the file and just telling it to send a basic e-mail, with no variables or anything, but I am getting the same result.
Any ideas? I have no idea what to try from here. I tried looking for a solution online, but the only post I found similar to my situation is this, where people seem to be suggesting that the issue may be variables that are not available to the scheduler:
coldfusion scheduled task not sending emails
There are no variables on my page right now though. I tried running the task via CFSCHEDULE, per the suggestion on that page, but I got the same result as before. Some of the other suggestions (server monitor/FusionReactor/cflog) I just plain don't know how to do, so I have not tried those.
Edit: Right now, this is the only code in the page which is not commented out:
<cfmail
to="[e-mail address]"
from="[e-mail address]"
Subject="is it running at all?">
Is it running?
</cfmail>
Edit 2: Okay, now I've got something like this before and after the code for the e-mail:
<cflog
text = "before e-mail"
application = "yes"
log = "Scheduler"
type = "information">
I see the log messages if I actually go to the URL for the file (and the e-mail is sent as well), but not if I tell it to run the scheduled task from CF admin. Because the e-mail sends when I open the file in the browser, I don't think it is a problem with the mail server.
Edit 3: Yes, the e-mail addresses are plain, hard-coded strings.
I'm not exactly sure what you mean by "covered" by an Application.cfm file though. There is an Application.cfm file in the top-level of the site, but not within this particular sub-directory. There are a number of Application scope variables, but none that are used in the file as it is now.
Edit 4: Thank you for the explanation. As I said, total n00b when it comes to CF, so I appreciate the help. The Application.cfm page for this application checks to see if you are logged in, and if you are not, redirects you to the log in page. Could that be the issue?
Edit 5: YAY! It seems like that was the issue. Thank you thank you thank you! Leigh, please submit that as an answer so that I can choose it. You are my hero!
(From the comments )
A long shot but is your scheduled task inside a directory covered by an Application.cfm/Application.cfc file? The reason for asking is that the code inside the parent Application.cfm file executes first before your .cfm script. Is there any code inside the Application.cfm file that aborts a request or redirects (such as permissions check)?