Mercury Forever Posted February 6, 2023 Posted February 6, 2023 Hello, when entering the invoice module, the system presents the error HTTP ERROR 500 Regards,
Marc Posted February 6, 2023 Posted February 6, 2023 Please check your servers error logs first of all. An internal server error will be logged on the server itself.
Mercury Forever Posted March 21, 2023 Author Posted March 21, 2023 Hello @Marc Stridgen, after some time, I have managed to get to the error in the APACHE error.log file, which is logged when I enter some options of the NEXUS module. Quote [Mon Mar 20 23:24:06.705962 2023] [security2:error] [pid 19916] [client xxx.xxx.xxx.xxx:62383] [client xxx.xxx.xxx.xxx] ModSecurity: collections_remove_stale: Failed to access DBM file "/var/cpanel/secdatadir/YYYYYYY-default_SESSION": Permission denied [hostname "www.YYYYYYY.cl"] [uri "/foro/ZZZZZZ/index.php"] [unique_id "ZBkVRoQCWYaJb1JyJXVaIAAAAQE"], referer: https://www.YYYYYYY.cl/foro/ZZZZZZ/?app=nexus&module=payments&controller=transactions&do=&attn=1
Randy Calvert Posted March 21, 2023 Posted March 21, 2023 This looks to be your host using mod_security which is blocking the request. You can ask them to disable it or work with them to tune the rule to not block the it.
Mercury Forever Posted March 21, 2023 Author Posted March 21, 2023 Is it related to the permissions of the files contained in the path indicated in the error? PATH: /var/cpanel drwxrwx--T. 2 root nobody 4096 mar 20 22:00 secdatadir total 0 -rw-r-----. 1 nobody nobody 0 mar 20 22:00 nobody-default_SESSION.dir -rw-r-----. 1 nobody nobody 0 mar 20 22:00 nobody-default_SESSION.pag -rw-r-----. 1 nobody nobody 0 mar 20 22:00 nobody-ip.dir -rw-r-----. 1 nobody nobody 0 mar 20 22:00 nobody-ip.pag
Randy Calvert Posted March 21, 2023 Posted March 21, 2023 https://forums.cpanel.net/threads/modsecuirty-var-cpanel-secdatadir-ip.623203/ I would start with that. But again… this is a server issue, not an IPB issue.
Marc Posted March 21, 2023 Posted March 21, 2023 As mentioned above, you ned to contact your hosting company regarding this issue, as your server itself is blocking things you dont want it to be blocking.
Mercury Forever Posted March 21, 2023 Author Posted March 21, 2023 @Marc Stridgen, How do I explain to the hosting that ONLY one module of my application has this error??? How do I tell it that it is only when I want to see the payment configuration in the IPS NEXUS MODULE???? I would appreciate some empathy and guidance as to where the error could go by entering only the NEXUS module. Regards, 11 hours ago, Randy Calvert said: I would start with that. But again… this is a server issue, not an IPB issue. Thank's, I understand that it is a server error, but the hosting provider, when a single module fails, will tell me that it is an application problem. It is the typical dispute where everyone passes the responsibility from one side to the other.
Marc Posted March 21, 2023 Posted March 21, 2023 Sorry, Im not sure what you are asking there. You would simply explain to them what is happening, and tell them your server is blocking it
Mercury Forever Posted March 24, 2023 Author Posted March 24, 2023 @Marc Stridgen, I just did the same test, enter the NEXUS invoice module in the TEST environment and I don't have the 500 error, is this still considered a hosting error???
Marc Posted March 24, 2023 Posted March 24, 2023 If it is being blocked by mod_security as you show in the first post, then yes. As its being blocked by a hosting item
Mercury Forever Posted March 27, 2023 Author Posted March 27, 2023 But the mod_security affects all the configuration on the server (apache service), but I only see the behavior in the URL of my production environment, not in the URL of the TEST environment. Both environments are hosted on the same server under cpanel, therefore they share the configuration.
Makoto Posted March 27, 2023 Posted March 27, 2023 Does your test environment also have active invoices, transactions and everything else configured the same way in Nexus as on your production site? Either way, it's still an issue somehow specific to your server environment.
Randy Calvert Posted March 28, 2023 Posted March 28, 2023 14 hours ago, Mercury Forever said: But the mod_security affects all the configuration on the server (apache service), but I only see the behavior in the URL of my production environment, not in the URL of the TEST environment. Both environments are hosted on the same server under cpanel, therefore they share the configuration. Actually not necessarily. mod_security can be controlled on a per hostname basis. You're likely to have problems until that mod_security error goes away. IPS cannot troubleshoot that as it's outside of the software. You would need to work with your hosting provider.
Jim M Posted July 9, 2023 Posted July 9, 2023 Please note I hid the data you posted as it contained sensitive information. Did you ever obtain the exact 500 Internal Server Error which you were facing?
Mercury Forever Posted July 9, 2023 Author Posted July 9, 2023 (edited) Hi @Jim M, thanks for the action. Regarding the error, at the browser level, it is the one that I published at the beginning of this thread, as background, I tested with three browsers, both in normal and incognito mode, in all these tests the 500 error is the same. Since I have backup of the database, I have the option to simulate the problem. Regards, PS: You could leave the post and hide only the sensitive data, for the community the way in which I solved the error could be a contribution, although it is something rare to intervene in the configuration directly at the database level. Edited July 9, 2023 by Mercury Forever
Marc Posted July 10, 2023 Posted July 10, 2023 Do you have any 3rd party payment methods you are using there?
Marc Posted July 10, 2023 Posted July 10, 2023 Assuming you are referring only to 3rd party payment methods there and not as a whole. Please disable all other 3rd party applications and plugins, and then retest this to see if you are seeing the same issue
Mercury Forever Posted September 11, 2023 Author Posted September 11, 2023 After a while, you reached the error that is behind this 500 error. Fatal error: Declaration of IPS\nexus\Gateway\hook692::auth(IPS\nexus\Transaction $transaction, $values, ?IPS\nexus\Fraud\MaxMind\Request $maxMind = null, $recurrings = []) must be compatible with IPS\nexus\Gateway\_PayPal::auth(IPS\nexus\Transaction $transaction, $values, ?IPS\nexus\Fraud\MaxMind\Request $maxMind = null, $recurrings = [], $source = null) in /home/XXXXXXX/public_html/foro/init.php(936) : eval()'d code on line 21
Randy Calvert Posted September 11, 2023 Posted September 11, 2023 12 minutes ago, Mercury Forever said: hook692 There is some sort of 3rd party hook there it looks like… Mercury Forever 1
DawPi Posted September 11, 2023 Posted September 11, 2023 1 hour ago, Mercury Forever said: hook692 Locate that hook, check the owner and ask him to update it OR if you're fine with manual edits I can provide you a tutorial for it. Mercury Forever 1
Marc Posted September 11, 2023 Posted September 11, 2023 Note, if you go to support within your admin CP, you can view hooks there and should be able to see what the 3rd party item is Mercury Forever 1
Mercury Forever Posted September 16, 2023 Author Posted September 16, 2023 Hello @Marc Stridgen, as I see in the configuration, this hook corresponds to the nexus package and associated with the paypal.php page. Regards,
Mercury Forever Posted September 16, 2023 Author Posted September 16, 2023 Hello everyone, I finally identified the problem, it was indeed a third-party application called "Subscription Privacy" by Thomas, which no longer exists in the Market. The truth is that I don't know what function it served "other than not making the module work." By removing it, I no longer have the "blessed" 500 error (very generic and related to Apache otherwise) Greetings to all who contributed, responded and helped reach the RCA. Regards,
Recommended Posts