News:

Want to get involved in developing SMF, then why not lend a hand on our github!

Main Menu

[Help] http 500 error, cannot reply, quote, modify etc. Codes outdated?

Started by ninjawarrior, December 06, 2016, 04:13:33 AM

Previous topic - Next topic

ninjawarrior

Started happening 2 days ago, forum is still accessible for reading but when one clicks on "reply", "quote" or any function that creates new content (eg. forum signature, new topic etc.), it will return with http 500 error message on pc or blank page on iphone. Occurred 5x in 2 days.

Server host had to reset files. They said the codes might be outdated & there are suspicious files, leading to vulnerability and hence this error.

Can anyone advise what can be done to prevent this from happening again? Thanks!

My forum is SMF 2.0.12


d3vcho

Hello!

Usually this type of errors are a server side issue... What method did you use to install SMF? Manually or via a host auto installer? What are those "suspicious" files?

Regards :)
"Greeting Death as an old friend, they departed this life as equals"

Kindred

I am betting there is a chmod issue....   many hosts will choke if a file is uploaded at 666/777 these days

What did you do just before this started happening? Did you install a mod or theme?

Check your chmod permissions and make sure all files are 644 and all directories are 755
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

ninjawarrior

My SMF was installed in 2008. Then in 2013 it was upgraded to v2.

I didn't install any new mod or theme prior to this (last mod installed was many months back).

But i did set the max width of my facebook & instagram embed (shouldn't be this reason?).

Kindred

Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

ninjawarrior

Quote from: Kindred on December 06, 2016, 10:06:32 AM
URL?

I have PM you the URL.

--

Right now the function is down again.

This is the error message, I have replaced the URL.

--

The URL page isn't working

URL is currently unable to handle this request.
HTTP ERROR 500

Kindred

I reply, but get the WSoD...   which indicates a server side error (and yes, a 500 would qualify, sometimes)
but I don't see the 500 error on the screen, interestingly enough...


Look for an error.log, error. or errorlog file (or something with a name like that) and check the most recent entries...
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Kindred

Ok...

So, you host is not completely idiotic -- only slightly.

Here's the deal - from the logs that you sent to me in PM>

Dec  6 13:44:46 cx3 cxs[991882]: ['/...../Themes/BlackRainV2_20g/css'] - World writeable directory

right -- as I said, many hosts give a 500 error on having a chmod 777 directory.
So...   do a recursive chmod to set all directories to 755 and all files to 644

You also do seem to have many WordPress files and a few phpBB files... and some of those do seem to be questionable...
If you are not using those scripts, then I suggest that you remove those directories...
If you ARE using those scripts, then you need to check them, VERY carefully -- and make certain that you update them regularly.

However....  then your host descends into stupidity...
Then there are a whole bunch of "automatic" quarantine based on idiotic "regex" rules.

This one especially....
Dec  6 13:44:42 cx3 cxs[991882]: ['/.../Sources/Subs-Post.php'] - (quarantined to /....../Subs-Post.php.1481003082_1) Regular expression match = [decode regex: 7]

and that, right there, is 100% of your problem.
They have removed a core piece of the forum software under some mistaken impression that it is a bad script.
That file is needed...


Then we have these

[14-Nov-2016 12:54:36 Asia/Singapore] PHP Fatal error:  Cannot redeclare template_quotefast() (previously declared in /.../Sources/Load.php(2236) : eval()'d code:25) in /.../Sources/Load.php(2236) : eval()'d code on line 1002
[07-Dec-2016 00:31:08 Asia/Singapore] PHP Fatal error:  require_once(): Failed opening required '/.../Sources/Subs-Post.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /.../Sources/Subs-Members.php on line 468
[07-Dec-2016 00:31:29 Asia/Singapore] PHP Fatal error:  require_once(): Failed opening required '/.../Sources/Subs-Post.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /.../Post.php on line 103


the last two are directly related to the missing Subs-Post.php file.

The first one indicates that you seem to have double installed some sort of quote-fast mod...   you will need to clean that double install manually by parsing the mod and manually removing the duplicated code from the affected file(s) (probably several)




Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

ninjawarrior

Thanks.

My host has added an exception for the file "Subs-Post.php" and added regex ignore rules of the sub-files to ignore from scanning.

I have also ensured wordpress on my other sites are updated.

My basis is if no one else using SMF faces the same issue, I prefer not to modify anything to do with SMF.

Shall observe the situation for now. :)

Kindred

we have seen the same sort of behavior from GoDaddy, when an admin uses ftp to upload the Subs-Post.php file...

other than that, no one else seems to encounter this issue...  Whatever rule they have is falsely reporting the file as "dangerous" and they need to look more closely into better configuring their "protection" system.


Also - you are going to have to fix the chmod permissions in the subdirectories and files...
Quote from: Kindred on December 06, 2016, 01:20:18 PM
Dec  6 13:44:46 cx3 cxs[991882]: ['/...../Themes/BlackRainV2_20g/css'] - World writeable directory

right -- as I said, many hosts give a 500 error on having a chmod 777 directory.
So...   do a recursive chmod to set all directories to 755 and all files to 644
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Advertisement: