Search

    <h2>Cannot modify header information - headers already sent by (output started at /home/wtdtan/whatthedale.com/v3/403.php:290)</h2> 
    <p>An error occurred in <code>/home/wtdtan/whatthedale.com/v3/symphony/lib/core/class.errorhandler.php</code> around line <code>29</code></p> 

    <pre id="markdown" style="display: none;">  Cannot modify header information - headers already sent by (output started at /home/wtdtan/whatthedale.com/v3/403.php:290)
/home/wtdtan/whatthedale.com/v3/symphony/lib/core/class.errorhandler.php line 29

24                  $class = "{$exception_type}Handler";
25              }
26
27              $output = call_user_func(array($class, 'render'), $e);
28              
29              header('Content-Type: text/html; charset=utf-8');
30      

I don't understand, what's your question?

wtdtan from another thread (closed, moved here)

Seems that the source code I posted in my other thread didn't seem to be liked by the forum. To answer kanduvisla's question, I had a bunch of crap code being injected above my opening html block of code. I did a quick ssh into my host and i saw that my index.php file had permissions of 0777 and there was a php include to a 403.php file that somehow got onto my server. I'm not sure how this happened, but I opened up a support ticket with my host (dreamhost) to see what the deal is. Maybe I did forget to change my index.php file back to at least 0775 (now set to 0755), but I'm not sure as it's been a while since I last touched my site. So i think this looks more like a server problem than an actual symphony problem.

thanks nick

I don't think it's permissions then. The best bet is to first look at the last modified date of index.php (before you edit it to remove the bad code), and then look through your access logs. If you have SSH access to your machine I presume you're on a VPS, so you'll be able to see the logs both for SSH logins and FTP logins (if you have FTP enabled). You should be able to see if anyone logged in around this time and what account they used.

I've seen this several times now (both on my own server and on those of friends) and it's always been a compromise of a server user account and not Symphony (or a script). Since locking the server down I've had no problems:

  • removed all FTP access
  • changed the default SSH port, so this must be specified at login
  • use public/private SSH keys, so no passwords are passed when connecting (otherwise they're passed as plain text and can be intercepted)

Your host should be able to help you with all of the above.

Good luck!

i'm actually on a shared server which makes it really strange that this was able to happen. I do have shell access to my account though.

It wouldn't make it strange at all unless it we're locked down like Nick suggests... Shared hosting can have vulnerabilities between domains on the same server. I've helped out with something similar a while back with a Symphony build.

Nick's suggestions should help though.

Create an account or sign in to comment.

Symphony • Open Source XSLT CMS

Server Requirements

  • PHP 5.3-5.6 or 7.0-7.3
  • PHP's LibXML module, with the XSLT extension enabled (--with-xsl)
  • MySQL 5.5 or above
  • An Apache or Litespeed webserver
  • Apache's mod_rewrite module or equivalent

Compatible Hosts

Sign in

Login details