Invision Community 4: SEO, prepare for v5 and dormant account notifications Matt November 11, 2024Nov 11
Posted February 6, 20232 yr Hello, when entering the invoice module, the system presents the error HTTP ERROR 500 Regards,
February 6, 20232 yr Please check your servers error logs first of all. An internal server error will be logged on the server itself.
March 21, 20231 yr Author Hello @Marc Stridgen, after some time, I have managed to get to the error in the APACHE error.log file, which is logged when I enter some options of the NEXUS module. Quote [Mon Mar 20 23:24:06.705962 2023] [security2:error] [pid 19916] [client xxx.xxx.xxx.xxx:62383] [client xxx.xxx.xxx.xxx] ModSecurity: collections_remove_stale: Failed to access DBM file "/var/cpanel/secdatadir/YYYYYYY-default_SESSION": Permission denied [hostname "www.YYYYYYY.cl"] [uri "/foro/ZZZZZZ/index.php"] [unique_id "ZBkVRoQCWYaJb1JyJXVaIAAAAQE"], referer: https://www.YYYYYYY.cl/foro/ZZZZZZ/?app=nexus&module=payments&controller=transactions&do=&attn=1
March 21, 20231 yr This looks to be your host using mod_security which is blocking the request. You can ask them to disable it or work with them to tune the rule to not block the it.
March 21, 20231 yr Author Is it related to the permissions of the files contained in the path indicated in the error? PATH: /var/cpanel drwxrwx--T. 2 root nobody 4096 mar 20 22:00 secdatadir total 0 -rw-r-----. 1 nobody nobody 0 mar 20 22:00 nobody-default_SESSION.dir -rw-r-----. 1 nobody nobody 0 mar 20 22:00 nobody-default_SESSION.pag -rw-r-----. 1 nobody nobody 0 mar 20 22:00 nobody-ip.dir -rw-r-----. 1 nobody nobody 0 mar 20 22:00 nobody-ip.pag
March 21, 20231 yr https://forums.cpanel.net/threads/modsecuirty-var-cpanel-secdatadir-ip.623203/ I would start with that. But again… this is a server issue, not an IPB issue.
March 21, 20231 yr As mentioned above, you ned to contact your hosting company regarding this issue, as your server itself is blocking things you dont want it to be blocking.
March 21, 20231 yr Author @Marc Stridgen, How do I explain to the hosting that ONLY one module of my application has this error??? How do I tell it that it is only when I want to see the payment configuration in the IPS NEXUS MODULE???? I would appreciate some empathy and guidance as to where the error could go by entering only the NEXUS module. Regards, 11 hours ago, Randy Calvert said: I would start with that. But again… this is a server issue, not an IPB issue. Thank's, I understand that it is a server error, but the hosting provider, when a single module fails, will tell me that it is an application problem. It is the typical dispute where everyone passes the responsibility from one side to the other.
March 21, 20231 yr Sorry, Im not sure what you are asking there. You would simply explain to them what is happening, and tell them your server is blocking it
March 24, 20231 yr Author @Marc Stridgen, I just did the same test, enter the NEXUS invoice module in the TEST environment and I don't have the 500 error, is this still considered a hosting error???
March 24, 20231 yr If it is being blocked by mod_security as you show in the first post, then yes. As its being blocked by a hosting item
March 27, 20231 yr Author But the mod_security affects all the configuration on the server (apache service), but I only see the behavior in the URL of my production environment, not in the URL of the TEST environment. Both environments are hosted on the same server under cpanel, therefore they share the configuration.
March 27, 20231 yr Does your test environment also have active invoices, transactions and everything else configured the same way in Nexus as on your production site? Either way, it's still an issue somehow specific to your server environment.
March 28, 20231 yr 14 hours ago, Mercury Forever said: But the mod_security affects all the configuration on the server (apache service), but I only see the behavior in the URL of my production environment, not in the URL of the TEST environment. Both environments are hosted on the same server under cpanel, therefore they share the configuration. Actually not necessarily. mod_security can be controlled on a per hostname basis. You're likely to have problems until that mod_security error goes away. IPS cannot troubleshoot that as it's outside of the software. You would need to work with your hosting provider.
July 9, 20231 yr Please note I hid the data you posted as it contained sensitive information. Did you ever obtain the exact 500 Internal Server Error which you were facing?
July 9, 20231 yr Author Hi @Jim M, thanks for the action. Regarding the error, at the browser level, it is the one that I published at the beginning of this thread, as background, I tested with three browsers, both in normal and incognito mode, in all these tests the 500 error is the same. Since I have backup of the database, I have the option to simulate the problem. Regards, PS: You could leave the post and hide only the sensitive data, for the community the way in which I solved the error could be a contribution, although it is something rare to intervene in the configuration directly at the database level. Edited July 9, 20231 yr by Mercury Forever
July 10, 20231 yr Assuming you are referring only to 3rd party payment methods there and not as a whole. Please disable all other 3rd party applications and plugins, and then retest this to see if you are seeing the same issue
September 11, 20231 yr Author After a while, you reached the error that is behind this 500 error. Fatal error: Declaration of IPS\nexus\Gateway\hook692::auth(IPS\nexus\Transaction $transaction, $values, ?IPS\nexus\Fraud\MaxMind\Request $maxMind = null, $recurrings = []) must be compatible with IPS\nexus\Gateway\_PayPal::auth(IPS\nexus\Transaction $transaction, $values, ?IPS\nexus\Fraud\MaxMind\Request $maxMind = null, $recurrings = [], $source = null) in /home/XXXXXXX/public_html/foro/init.php(936) : eval()'d code on line 21
September 11, 20231 yr 12 minutes ago, Mercury Forever said: hook692 There is some sort of 3rd party hook there it looks like…
September 11, 20231 yr 1 hour ago, Mercury Forever said: hook692 Locate that hook, check the owner and ask him to update it OR if you're fine with manual edits I can provide you a tutorial for it.
September 11, 20231 yr Note, if you go to support within your admin CP, you can view hooks there and should be able to see what the 3rd party item is
September 16, 20231 yr Author Hello @Marc Stridgen, as I see in the configuration, this hook corresponds to the nexus package and associated with the paypal.php page. Regards,
September 16, 20231 yr Author Hello everyone, I finally identified the problem, it was indeed a third-party application called "Subscription Privacy" by Thomas, which no longer exists in the Market. The truth is that I don't know what function it served "other than not making the module work." By removing it, I no longer have the "blessed" 500 error (very generic and related to Apache otherwise) Greetings to all who contributed, responded and helped reach the RCA. Regards,