Jump to content

wimg

Clients
  • Posts

    739
  • Joined

Recent Profile Visitors

7,480 profile views
  1. Thank you, Marc! And so am I! Took quite a long session with Support, they had trouble finding it too - not too familiar with the second security system yet. Kind regards, WIm
  2. I will do so. I never had this problem in the past, however. I also noticed in the mean time, that there are now 2 'Standard' methods under Login & Registration, aklthough we have only a single one activated, essentially the old one. I'll report back on any findings.
  3. Since the upgrade we did, going from ICS 4.6.8 to 4.6.10 and then 4.7.10, on May 15, we noticed that new registrations appear 3 times in the Member list, and upon checking the database, the same is actually true for the core_members table itself. IOW, since the upgrade, every new member registration creates 3 new members with exactly the same data. Any idea what is going on here? Thank you in advance. Kind regards, Wim
  4. Looks like the problem is solved now. It was a combination of a Joomla plugin exploit bug which appears to be used by Marketplace, and an upload problem, and covered by both security modules which are installed as a standard on our server, although they deal slightly differently with it. Disabling the rules in mod_security and in the 2nd security module fixed this. For mod_security, upload, it was: Request: POST /forum/admin/?app=core&module=applications&controller=applications&appKey=news&do=upload Action Description: Access denied with code 406 (phase 2). Justification: File "/tmp/20230520-145930-ZGjgUoQWffAZPv8BC0az9wACVBc-file-yAgo53" rejected by the approver script "/etc/cxs/cxscgi. And for Marketplace, the Joomla exploit problem, which actually results in 3 error messages: Request: GET /forum/admin/?app=core&module=applications&controller=plugins&do=doInstall&file=/tmp/IPSMPKovG0x&key=d20a4618bdf9a0118256585816f3a9ab&id=10&csrfKey=c76034ce3b5af74eb2764c97bab4ca77&marketplace=7542&mr=0&_mrReset=1&csrfKey=c76034ce3b5af74eb2764c97bab4ca77 Action Description: Access denied with code 406 (phase 2). Justification: Pattern match "(/tmp|/proc|/dev)" at REQUEST_URI. We still have one other problem, but that has to do with image uploads to the Gallery and is very specific. I will have to investigate that first myself, to see if I can recreate that. Anyway, thanks for all the support from everybody, much appreciated! Kind regards, WIm
  5. Yes, I did. It is not their software. No idea yet what causes it. I have now uninstalled almost every bit of software that has this problem, except 2 add-ons which have a version that works just fine without the update, and is PHP 8-compliant anyway, even though the others were too. The reason for keeping those is for testing purposes as well, to see if I can finally get rid of the problem. O, the apps that work fine are from the same authors. No idea why some, a minority, work and others don't. I did find that we are running an additional security package on our server in the mean time, one we did not have on our previous server, and it is something we cannot control like you do with mod_security. So i have created a ticket for hosting support as a result. In the mean time, any ideas are welcome. I will try a manual upload as far as possible, but I need a reply from one of the authors first. No idea where to upload the contents of an unzipped .tar file to. It is not clear from the directories it creates. Kind regards, Wim
  6. Hi Randy, I have been looking around, but other than the menu settings for FURLs, I have no idea what I should eb looking for. As the error logs mostly showed data from dates prior to the upgrade, I cleared the logs, to ssee what will show up next when I try again, but so far, nothing. The weird thing is that some of the upgrades worked just fine, but now i am stuck with 30+ which do not, but should according to Marketplace. There always is an Install or Upload option, and when I use those, something will start up, but the moment it goes away to do its thing, within a couple of seconds it turns up the error message. As mentioned, I turned off Mod_security, but as that didn't change anything, and i noticed a few attempts at invalid data insertions, I turned it on again, especially as we did have a hacking problem, be it people taking over accounts from not very security conscious members, and posting spam like crazy. If you have any suggestions, I would appreciate it. Kind regards, WIm
  7. Well, Mod_security was on, indeed, but switching it off, and rebooting, made no difference. If anybody has another idea of what could be causing this, I'd appreciate it. Thank you very much in advance! Kind regards, WIm P.S.: I did reboot the server after resetting and saving the Mod_security settings.
  8. We have gone through extensive testing and checks. Only 2 were not compatible, and those were disabled anyway. And yes, 60 is a lot. As mentioned, we currently only use 35 of them , which stiil is a lot. It just shows that the 3rd party community provides a very useful service, the way we see it 😃. We manage our own server, but we do have full support if so required. I just realized we moved to a new server a couple of months ago, as a first step to doinG complete upgrades for everything, including PHP and database. It could well be that mod_security has been enabled for everything again - that was one are we did not check. I'll report back if that indeed solves the issue. Thank you for the heads-up and quick reply, much appreciated! Kind regards, WIm
  9. We upgraded from Sunday on Monday from 4.6.8 to 4.6.10 and next to 4.7.10. That went well no problems with the Community Suite so far. However, trying to upgrade many of our addons, applications and plugins, resulted in multiple errors, with an error message "Sorry! The page you requested does not exist", while we still have a valid subscription, and an Install option for each of them. We have 60 add-ons, of which we are currently using 35 actively. The inactive ones, as far as we tried, give the same results.. Any idea what could be causing this and what we need to do to solve this problem? This happened both in 4.6.10 and in 4.7.10, whatever we tried. Prior to doing the ICS-upgrade we did test everything, because of the required upgrade to PHP 8.x, and it did the same during our tests, although all apps and plugins did not stop working. What we did notice, however, is that we did not get a proper default theme, as it still contains the additions we made to it, for Google and advertising. Could it possibly be that this is what is causing the trouble? Thank you very much in advance! Kind regards, Wim
  10. OK. Could you maybe ask him to clear all browser history, cookies and temp files, and see if it still happens? If you haven't that is. Many people never do this, or not often enough, and I have seen weird things happen as a result, f.e., a user who got the wrong pictures in a post he was reading, and that is just the tip of the iceberg. People who couldn't save anything, etc. HTH, kind regards, Wim
  11. Did you check if thsi works OK in a normal post?
  12. Hi guys, thank you both! Marc already replied to the Support Request I created around 5 am local time, out of desperation. It appears that that was a column in core_pfields from more than 11 years ago, StopForumSpam, which we used when there wasn't much else, with version 2.x of the forum software. It looks like it never did uninstall properly when we moved on, and it has been hiding there for all those years, and now finally causing problems with the very much stricter MariaDB 10.3 version when it comes to non-default values :). It looks fixed now I deleted the column, but I will keep an eye on it :). Kindest regards, Wim
  13. When trying to ad a new member via the ACP, I get the following errors: And: IOW, that is an error when it tries ot insert it more than once, as far as I can see. Oh, the user does get added, BTW. Really strange. No idea why. My.cnf has been minimalized now, so MariaDB is runnign more or less with defaults as far as possible with a large database (11 GB) and 114K registered members. We are using Centos 7.9 and cPanel latest version, with 4xSSD in RAID for data and another 4xSSD for the database, also RAID, 128GB DRAM, 32 cores (ntel Dual Xeon Gold 6226R), and a spindle drive for back-ups. If anybody has an idea, it would be greatly appreciated. Kind regards, Wim P.S.: replaced actual user with "user" and the database name with "database".
  14. I spoke too soon, it still happens with Classifieds as well.
  15. Yes, for every account since upgrading to MariaDB 10.3 about 14 hours ago. I did soem test myself over th elast few hours, and now it either rejects completely, or adds 3 registrations. I think the error triggers because it registers each registration 3 times. They do not go through email validation anymore either, they are promoted straight to the first member group upon validation. Really weird. I am digging into configuration settings in my.cnf, but so far have not found anything yet. The weird thing is that this actually happened in the Classifieds add-on, and only there, prior to upgrading, but that appears to be fine now. The error there was a 1054. Kind regards, Wim
×
×
  • Create New...