ZenAlien

Hi everyone, (TL;DR at the end) been a long time user of openx+revive (since around 2008). Just to say, that we know the product ? Since a few month, we noticed that we had some adverts being hijacked with suspects links, etc... BUT ONLY FOR MOBILES PHONES Being a long time user, we checked everything (append and prepend on zones + banners), nothing there because we locked these tables since a long time. All password were changes and so on, php execition is allready forbiden in the image foder since a long time. Because we did not find the cause, we did a deep investigations, we also had a look at this thread : Nothing there was useful to us, and all our files in the delivery folder are clean. So we did continue our investigation. And there, we noticed that in the cache folder, sometimes were generated some files with all the global config, in clear plain text, with all password, database access and passwords... See image here : https://www.dropbox.com/s/8bor7737lsx4o3h/rads.jpg?dl=1 So we started to panic ? We wanted to be sure our server had not been backdoored, so we did a fresh install in a localhost environment and we noticed the the same behaviour was happening on a fresh install. Has anyone noticed this ? TL;DR : - we got some advert being hijacked with link only on mobiles phones and we cant find where it is coming from - while investigating we noticed that in the cache folder, is generated a file with all criticals informations (DB PWD, etc...) We did not find a solution to our problem, still investigating since a few months.

hi there... probably a mix of http & httpS

nope, none !! :(

Hi there, we got exactly the same problem. We just move our AdServer to HTTPS, everything works fine, EXCEPT : - HTML5 banner added with iframe. Invocation code (Iframe) called from HTTP works perfectly Invocation code (iframe) called from HTTPS does not deliver anything... the body in the source code is empty. Invocation code (JS) called from HTTP works perfectly Invocation code (JL) called from HTTPS does not deliver anything... the body in the source code is empty. Has anybody been able to solve this problem ? We tried all solution and combinations.... :(