Jump to content

Php Error Message

Restricted Content
 Share

Recommended Posts

Dean_ Experienced

Dean_

Posted
Posted
2 hours ago, Adriano Faria said:

Which error? Help people without crystal ball.

Got that Crystal ball yet? 🤣

4 minutes ago, AlienOrigins said:

No e-mail error..It occurred after the install with a little message saying "fatal php" something or another....Been a while so I don't recall the exact line....

That’s about as clear as mud, and now you only just mention this issue with absolutely no details. What on earth are meant to take from this?  😂

Link to comment
Share on other sites
CoffeeCake Veteran

CoffeeCake

Posted
Posted
8 minutes ago, AlienOrigins said:

No e-mail error..It occurred after the install with a little message saying "fatal php" something or another....Been a while so I don't recall the exact line....

You would need to provide details from PHP's error logging to determine what went wrong and what the appropriate solution would be.

The two most likely culprits are:

  • Necessary PHP extensions that are not installed on your server
  • Insufficient allocation of memory to PHP on your server

Your server error message log will tell you which is the problem.

To answer your question, neither the extensions required have been reduced, nor has the memory footprint of IPS been reduced. If your host is underpowered for IPS and you cannot change hosting providers or increase the amount of resources allocated to your site, IPS may not be the best fit for you.

You may want to consider IPS' Cloud offering if server administration is something you're not interested in.

Link to comment
Share on other sites
Restricted Content Explorer

Restricted Content

Posted
  • Author
Posted (edited)
2 minutes ago, CoffeeCake said:

Sorry, just looked at your profile, @AlienOrigins. I realized I forgot a third, equally plausible factor that may be resulting in the error you're seeing.

Yeti in the server.

harry and the hendersons film GIF

Possible..Then again at my age it could be a default setting in the cerebral cortex gone haywire...I will download it and install it if the php crap is still there I will delete the software.

Edited by AlienOrigins
Link to comment
Share on other sites
Daniel F Grand Master

Daniel F

Posted
Posted

Hi @AlienOrigins,

could you please explain your issue?
 

8 minutes ago, AlienOrigins said:

If you have not seen it then your obviously not using the software..

I'm using it daily, in fact I'm also handling the dev tickets so I'm aware of almost all the common issues and bugs our clients run into and I can tell you that we're not aware of any email issues in the software.


It's really hard to say if your issue was fixed without knowing what it is. Are you talking about  https://invisioncommunity.com/forums/topic/457795-email_test_mailfunction_disabled/?tab=comments#comment-2825231 ?

Have you tried the recent IPS release?If yes, are you still experiencing the issue? 

 

Link to comment
Share on other sites
Restricted Content Explorer

Restricted Content

Posted
  • Author
Posted
15 minutes ago, Daniel F said:

Hi @AlienOrigins,

could you please explain your issue?
 

I'm using it daily, in fact I'm also handling the dev tickets so I'm aware of almost all the common issues and bugs our clients run into and I can tell you that we're not aware of any email issues in the software.


It's really hard to say if your issue was fixed without knowing what it is. Are you talking about  https://invisioncommunity.com/forums/topic/457795-email_test_mailfunction_disabled/?tab=comments#comment-2825231 ?

Have you tried the recent IPS release?If yes, are you still experiencing the issue? 

 

Getting ready to install it..Will copy and paste the error if it's still there.

Link to comment
Share on other sites
CoffeeCake Veteran

CoffeeCake

Posted
Posted
1 hour ago, AlienOrigins said:

Dangerous Php Functions Enabled! 

I knew it was something along the line.

Ah! Yes, this message is a warning to you that your server's PHP configuration is unnecessarily vulnerable to being used by individuals and/or organizations looking to exploit and hack your site. Why? Well, most obviously, for alien mind control purposes. It's the only conclusion that makes sense.

Acid Trip Wtf GIF by Bubble Punk

The functions that are called out are not at all used by IPS and are incredibly dangerous to leave enabled. It is a security best practice that you should absolutely ensure you're heeding the advice of. They are commonly used to infiltrate web sites and steal data or worse.

If your host does not have the ability to modify your PHP configuration for you to disable those functions, my recommendation would be that you find another host. IPS will work just fine with the functions enabled, yet the warning is there for you as an administrator to remind you that you have left unnecessary risk in your install.

You may be able to disable functions using the php_value stanza in an .htaccess file, yet I would strongly advise you to disable this from your php configuration file. If you are using cPanel or the like, I'm sure there's a mechanism to do this. You want a web host where you at the very least are running in a chrooted environment and have the ability to modify the configuration of your PHP instance in a manner that does not affect others using the same web host or server.

Link to comment
Share on other sites
Davyc Mentor

Davyc

Posted
Posted

If you can't change your php configuration (possibly you are on shared hosting) then add the following to a Notepad file and name it php.ini 

disable_functions = exec, system, passthru, pcntl_exec, popen, proc_open, shell_exec
display_errors = off

If your host allows for recursive php.ini files then you only need to upload to your root, if not you will need to upload to all folders 🙂

Link to comment
Share on other sites
Restricted Content Explorer

Restricted Content

Posted
  • Author
Posted (edited)
4 hours ago, Davyc said:

If you can't change your php configuration (possibly you are on shared hosting) then add the following to a Notepad file and name it php.ini 

disable_functions = exec, system, passthru, pcntl_exec, popen, proc_open, shell_exec
display_errors = off

If your host allows for recursive php.ini files then you only need to upload to your root, if not you will need to upload to all folders 🙂

I will try this if I decide to reinstall it....

Too Add: Tried it and it don't work...Basically telling me I am exposing sensitive php functions that could compromise the board...

Edited by AlienOrigins
Link to comment
Share on other sites
Stuart Silvester Grand Master

Stuart Silvester

Posted
Posted

Changing disable_functions at your account level on a shared server (and in may PHP configurations won't work because they're core directives) is not really seeing the point of these warnings. They're there because those methods could also potentially be used by other accounts on your server to exploit your data by bypassing the typical directory protections in PHP/open_basedir.

They're as much about protecting your community and your data from other sites that may get exploited on the same server.

Link to comment
Share on other sites
Restricted Content Explorer

Restricted Content

Posted
  • Author
Posted
8 minutes ago, Stuart Silvester said:

Changing disable_functions at your account level on a shared server (and in may PHP configurations won't work because they're core directives) is not really seeing the point of these warnings. They're there because those methods could also potentially be used by other accounts on your server to exploit your data by bypassing the typical directory protections in PHP/open_basedir.

They're as much about protecting your community and your data from other sites that may get exploited on the same server.

Thanks...It don't matter I deleted the site and software off the server..Not interested in pulling the teeth out of a great white.

Link to comment
Share on other sites
CoffeeCake Veteran

CoffeeCake

Posted
Posted (edited)

Those functions are rarely needed and very dangerous.

You are putting electrical tape over the check engine light on your car, and then complaining that the light is the defect instead of the oil leak. Or putting the anal probe directly into the interstellar mouth socket. One of those.

Installing some other software on the same server is not resolving your problem. Other software may not do you the courtesy of warning you that there is a problem, but the problem is global to all PHP based applications.

You seem to think because your other car doesn't come equipped with air bags that a new one with air bags obviously has a terrible defect that makes it crash spontaneously into walls. So you'll drive the old one because that's safer....

Edited by CoffeeCake
Link to comment
Share on other sites
Davyc Mentor

Davyc

Posted
Posted

This is a strange issue in that IPS warns about these dangerous functions, yet unbelievably Xenforo needs at least one of them to function.  I have both IPS and Xenforo and when I applied the php.ini fix (because my host IONOS would NOT disable them) Xenforo threw a wobbler and generated loads of errors.

In light of @Stuart Silvester comments it begs the question, would IPS installations be best served on a VPS with root access?  I've been considering this for a while, but my lack of expertise in running a VPS is a concern to me.  I could switch hosts and go with someone like Nimbus, but they are way too expensive for what I am getting out of my sites. So any further guidance would be appreciated.

As an aside, adding a php.ini file to my root did not work so I had to go to the extreme measure of adding the php.ini file to all folders, which was no small task.

Link to comment
Share on other sites
CoffeeCake Veteran

CoffeeCake

Posted
Posted
5 hours ago, Davyc said:

I've been considering this for a while, but my lack of expertise in running a VPS is a concern to me.  I could switch hosts and go with someone like Nimbus, but they are way too expensive for what I am getting out of my sites. So any further guidance would be appreciated.

You could get from New York to Los Angeles much faster if you flew a plane as compared to driving a car, however buying a plane and attempting to fly it would be a dangerous enterprise if you only know how to drive a car.

First step is to get a pilots license. Educate yourself on what's needed to know about the more administrative bits of having that level of control and responsibility over a publicly accessible system compared to a managed shared hosting plan. I'd recommend to someone entering this arena today to look at the large cloud services providers. I have no idea what a Nimbus is, yet I'm certain you could provision yourself with computing and memory power in excess of their offerings at any of the large cloud services (AWS, Azure, GCP, DO, Linode, etc.) for significantly less. You will likely fair better at a cloud service once you exceed a basic local business level Wordpress type site.

The other direction to look at is considering IPS' managed service. If you are someone that just wants to focus on running your community and not be bothered by the underlying technologies, this is a way to pay someone else to do it for you.

5 hours ago, Davyc said:

This is a strange issue in that IPS warns about these dangerous functions, yet unbelievably Xenforo needs at least one of them to function. 

I cannot even begin to imagine a legitimate use for any of those functions--they all surround running server-side executables. /summon Kier. What the heck?

Link to comment
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...