Advertisement:

Author Topic: mod_security problem?  (Read 970 times)

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
mod_security problem?
« on: March 09, 2019, 04:09:33 PM »
No response in mod support topic, so posting here.  SA Chat will not work on GoDaddy server, chat windows open both ends, messages do not post. Clean 2.0.15 install, clean db, no other mods. No forum or server errors, these errors in chat error log -

Code: [Select]

INFO  Undefined index: database_error
File: /home/u0fgcfwp0drf/public_html/kotctest/Sources/Subs-Db-mysql.php
Line: 1407

FATAL  Call to undefined function allowedTo()
File: /home/u0fgcfwp0drf/public_html/kotctest/Sources/Subs-Db-mysql.php
Line: 1408


allowedTo() is defined function in Security.php.  Mod had been working, then tanked. Works fine on my server.  Does this look like mod_security glitch?  mod_security is enabled, GD will not disable.

Offline Arantor

  • Resident Overthinker
  • SMF Friend
  • SMF Legend
  • *
  • Posts: 70,786
    • StoryBB/StoryBB on GitHub
Re: mod_security problem?
« Reply #1 on: March 09, 2019, 04:33:59 PM »
Unlikely to be mod_security; more likely that the database connection failed early in the process (higher load maybe?) and the way SMF handles that at just the wrong time is very ungraceful.

If it were mod_security it wouldn't even get to SMF.
Don’t try to tell me that some power can corrupt a person. You haven’t had enough to know what it’s like.

No good deed goes unpunished / No act of charity goes unresented.

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
Re: mod_security problem?
« Reply #2 on: March 09, 2019, 04:46:58 PM »
Rest of the forum works fine, only problem is chat, it never works.  It's a small forum, wouldn't think it's a load problem, and there's no indication of db disconnect.  Something apparently was changed on the server and it just stopped working.  Why is it reporting undefined function for valid function?


Offline Arantor

  • Resident Overthinker
  • SMF Friend
  • SMF Legend
  • *
  • Posts: 70,786
    • StoryBB/StoryBB on GitHub
Re: mod_security problem?
« Reply #3 on: March 09, 2019, 05:39:25 PM »
Because at the point in question, Security.php hasn't been loaded yet.
Don’t try to tell me that some power can corrupt a person. You haven’t had enough to know what it’s like.

No good deed goes unpunished / No act of charity goes unresented.

Offline Kindred

  • The Mean One
  • Support Specialist
  • SMF Legend
  • *
  • Posts: 57,977
  • Gender: Male
    • Kindred-999 on GitHub
Re: mod_security problem?
« Reply #4 on: March 09, 2019, 09:10:40 PM »
Also, you should know better.... we don't support mods.  If there is no answer in the mod thread, bringing it here is still not correct. :P
Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
Re: mod_security problem?
« Reply #5 on: March 10, 2019, 12:02:45 AM »
I know, but I'm trying to help a forum owner, and that's kind of what we're here for.  And this doesn't appear to be a problem with mod code, the two files in logged errors are unedited core.

Offline shawnb61

  • Support Specialist
  • Sophist Member
  • *
  • Posts: 1,152
    • sbulen on GitHub
Re: mod_security problem?
« Reply #6 on: March 10, 2019, 12:11:03 AM »
For an issue to happen this early, it really has to be something basic.
My first suspicion is that it can't load a theme for some reason. 
Is there a custom theme?   Another theme you could try?
Address the process rather than the outcome.  Then, the outcome becomes more likely.   - Fripp

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
Re: mod_security problem?
« Reply #7 on: March 10, 2019, 01:30:01 AM »
Did a clean install, new db, running Curve, installed chat mod, it doesn't work on GoDaddy.  Same install on my server works fine. mod_security is enabled on both, but may be configured differenty.  Everything else on the forum works normally.


Offline shawnb61

  • Support Specialist
  • Sophist Member
  • *
  • Posts: 1,152
    • sbulen on GitHub
Re: mod_security problem?
« Reply #8 on: March 10, 2019, 01:46:56 AM »
Does it work fine without the chat mod?

Same php versions?

I'd compare phpinfo between the two environments looking for clues.
Address the process rather than the outcome.  Then, the outcome becomes more likely.   - Fripp

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
Re: mod_security problem?
« Reply #9 on: March 11, 2019, 12:18:59 AM »
Forum works fine with or without chat mod, it has no effect on anything else.  The mod doesn't edit any core or theme files, it's hooked and has it's own files, appears to run as an external script.  It has it's own error log, the errors I posted are from that log, they are not logged by forum or server.  The forum is oblivious to whatever is borking the mod.  Both are running on linux box in php 5.6 (5.6.36 - 5.6.40), GD is mysql 5.6.39, mine is MariaDB 10.0.16.  No obvious differences that would cause a problem.  Security.php is loaded in index.php and SSI.php, the mod apparently is not seeing it.

Offline drewactual

  • Full Member
  • ***
  • Posts: 566
    • College Football Fan Site CFB51
Re: mod_security problem?
« Reply #10 on: March 12, 2019, 08:37:52 AM »
how are sessions setup in these instances?

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
Re: mod_security problem?
« Reply #11 on: March 12, 2019, 06:37:36 PM »
I've imported the client prod database to my server, so it's running in same environment as my test install, where mod works correctly.  Server settings for cookies and sessions are the same.  Mod installs, works in FF, doesn't work in IE.  Requests 'Login to chat', click on it opens forum login window, but you're still logged in.  It's something in the database, if I connect it to a clean install, install the mod, same result.  Works in FF, not in IE.  >:(

Offline drewactual

  • Full Member
  • ***
  • Posts: 566
    • College Football Fan Site CFB51
Re: mod_security problem?
« Reply #12 on: March 12, 2019, 06:45:45 PM »
on both the client computer/server and your own?  what cypher suite are you using? some browsers don't like tsl1.2 at all and will reject that connection altogether.

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
Re: mod_security problem?
« Reply #13 on: March 12, 2019, 06:56:54 PM »
I have three installs currently running on my server:

- My usual 2.0.15 test install, where mod works fine.
- The client forum (full forum backup connected to prod database), where I have the login problem.
- Clean 2.0.15 install connected to prod db, which also has login problem.

Everything's the same, except the db.  This mod was working in client's forum, until this -

"It worked great for the longest time and stopped working after either the Gallery Pro mod or the Classifieds Mod was updated last."

The problem I'm seeing now is not what he originally had.  IIRC, chat windows opened but messages wouldn't post.  It was also logging the allowedTo() errors.  Now it doesn't see member logged in, but only in IE.

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
Re: mod_security problem?
« Reply #14 on: March 12, 2019, 07:12:11 PM »
This should not be possible -




Offline shawnb61

  • Support Specialist
  • Sophist Member
  • *
  • Posts: 1,152
    • sbulen on GitHub
Re: mod_security problem?
« Reply #15 on: March 13, 2019, 11:21:50 PM »
Does installing Gallery Pro & Classifieds reproduce the issue in your test env?
Address the process rather than the outcome.  Then, the outcome becomes more likely.   - Fripp

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
Re: mod_security problem?
« Reply #16 on: March 13, 2019, 11:57:26 PM »
I cloned the production forum (files and db) onto my server, so the mods are installed.  Have the same problem with clean install connected to prod db.  The only place it works is on clean install with clean db.  The mod adds 5 tables, 20 permissions, 22 settings.  Deleted them all, reinstalled mod, same problem.  It's not seeing the member logged in, but only in IE, works fine in FF.  Tinkered with browser cookie settings, no difference.  Beats me.

Offline shawnb61

  • Support Specialist
  • Sophist Member
  • *
  • Posts: 1,152
    • sbulen on GitHub
Re: mod_security problem?
« Reply #17 on: March 14, 2019, 12:30:14 AM »
I am asking if you tried to install those mods onto one of your 2.0.15 test environments.  Maybe that'll break it, and that would be good to know... 

The SA Chat support thread includes these same errors reported multiple times, so it's almost certainly an SA Chat issue.  Doesn't look like the mod is actively supported...   
Address the process rather than the outcome.  Then, the outcome becomes more likely.   - Fripp

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
Re: mod_security problem?
« Reply #18 on: March 14, 2019, 12:47:20 AM »
The problem is in smf_settings.  If I import table from working test install to prod db, chat works in IE. 

These settings work -

Code: [Select]

('2sichat_mn_heart', '10000'),
('2sichat_mn_heart_timeout', '40000'),
('2sichat_cw_heart', '5000'),
('2sichat_mn_heartmin', '33000'),
('2sichat_live_notfy', '1'),
('2sichat_e_last3min', '1'),
('2sichat_e_last3minv', '180'),
('2sichat_live_type', '0'),
('2sichat_purge', '1'),
('2sichat_gad_lang', 'en'),
('2sichat_gad_trans', '1'),
('2sichat_ico_myspace', '1'),
('2sichat_ico_gplus', '1'),
('2sichat_ico_twit', '1'),
('2sichat_ico_fb', '1'),
('2sichat_ico_adthis', '1'),
('2sichat_board_index', 'everywhere'),
('2sichat_theme', 'default'),
('2sichat_live_online', '1'),
('2sichat_e_logs', '1'),
('2sichat_cookie_name', '2sichat'),
('2sichat_permissions', '0');

('integrate_pre_include', '$sourcedir/Subs-Shoutbox.php,$sourcedir/OharaYTEmbed.php,$boarddir/Sources/SAChatHooks.php'),
('integrate_load_permissions', 'shoutbox_load_permissions,SAChat_load_permissions'),

('integrate_load_theme', 'shoutbox_load_theme,OYTE_css,SAChat_loadTheme'),
('integrate_admin_areas', 'shoutbox_admin_areas,SAChat_admin_areas'),


These do not -

Code: [Select]

('2sichat_mn_heart', '10000'),
('2sichat_mn_heart_timeout', '40000'),
('2sichat_cw_heart', '5000'),
('2sichat_mn_heartmin', '33000'),
('2sichat_live_notfy', '1'),
('2sichat_e_last3min', '1'),
('2sichat_e_last3minv', '180'),
('2sichat_live_type', '0'),
('2sichat_purge', '1'),
('2sichat_gad_lang', 'en'),
('2sichat_gad_trans', '1'),
('2sichat_ico_myspace', '1'),
('2sichat_ico_gplus', '1'),
('2sichat_ico_twit', '1'),
('2sichat_ico_fb', '1'),
('2sichat_ico_adthis', '1'),
('2sichat_board_index', 'everywhere'),
('2sichat_theme', 'default'),
('2sichat_live_online', '1'),
('2sichat_e_logs', '1'),
('2sichat_cookie_name', '2sichat'),
('2sichat_permissions', '0'),

('2sichat_simple_bbc', '1'),
('2sichat_disable', '0'),

('integrate_load_permissions', 'SAChat_load_permissions'),
('integrate_chat_admin', 'gadget_action,links_action'),
('integrate_chat_admin_template', 'chat_admin_area,link_admin_area'),
('integrate_chat_admin_config', 'soc_config'),

('integrate_pre_include', '$sourcedir/Subs-UsersOnlineToday.php,/home/u0fgcfwp0drf/public_html/kotct2017/Sources/SayThanks.php,$boarddir/sachat/Plugins/gadgets/gadgetsAdmin.php,$boarddir/sachat/Plugins/gadgets/template/gadgetAdmin.template.php,$boarddir/sachat/Plugins/links/linksAdmin.php,$boarddir/sachat/Plugins/links/template/linksAdmin.template.php,/home/u0fgcfwp0drf/public_html/kotct2017//Plugins/sociallinks/sociallinksAdmin.php,$boarddir/Sources/SAChatHooks.php'),

('integrate_admin_areas', 'SayThanks::setAdminArea,SAChat_admin_areas'),
('integrate_load_theme', 'SayThanks::loadTheme,SAChat_loadTheme'),


As you can see, they're different.  Think I'll try knocking them out one at a time.  What I'm not getting is why they've installed differently, and why the glitch is browser specific.


Offline shawnb61

  • Support Specialist
  • Sophist Member
  • *
  • Posts: 1,152
    • sbulen on GitHub
Re: mod_security problem?
« Reply #19 on: March 14, 2019, 01:14:10 AM »
I actually think those settings are the same as far as SA Chat is concerned - the difference is that there are some other hooks registered for other mods. 

I have something else for you to try...   

Im phpmyadmin, go to the smf_2sichat table.   If there isn't a default value for the 'inactive' column, set one.  NULL works. 

Let me know if that works....   
Address the process rather than the outcome.  Then, the outcome becomes more likely.   - Fripp

Offline shawnb61

  • Support Specialist
  • Sophist Member
  • *
  • Posts: 1,152
    • sbulen on GitHub
Re: mod_security problem?
« Reply #20 on: March 14, 2019, 01:42:26 AM »
One correction....

The simple BBC setting is different....
Address the process rather than the outcome.  Then, the outcome becomes more likely.   - Fripp

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
Re: mod_security problem?
« Reply #21 on: March 14, 2019, 02:06:21 AM »
I'll try that.  Looks like there are two different problems.  On GoDaddy, just did clean install, clean db, members see each other, chat windows open, messages don't post.  This was what I originally started with.  On my server, did clean install, clean db, works.  I've installed all the other mods on my working test install, didn't affect chat.  Too tired to do much more tonight, can't see.  Thanks for your help.

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
Re: mod_security problem?
« Reply #22 on: March 14, 2019, 02:08:03 AM »
One correction....

The simple BBC setting is different....

I copied all chat settings from working table to non-working table so they're the same, didn't help.  Glitch could be almost anywhere in db if it's other than chat settings.

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
Re: mod_security problem?
« Reply #23 on: March 14, 2019, 02:22:07 AM »
Im phpmyadmin, go to the smf_2sichat table.   If there isn't a default value for the 'inactive' column, set one.  NULL works. 

Goddam, that seems to have worked on GD server.  Can't set it back to 'none' to reproduce glitch (pma is throwing mysql error), but messages are posting.  Will try it on GD prod forum tomorrow.  That's a mysql bug, isn't it, but usually logs an error.  Maybe GD upped mysql version, that may have caused chat to stop working.  Will get back to it tomorrow.  Thanks again.

Offline shawnb61

  • Support Specialist
  • Sophist Member
  • *
  • Posts: 1,152
    • sbulen on GitHub
Re: mod_security problem?
« Reply #24 on: March 14, 2019, 09:14:38 AM »
I believe there are 3 different issues here...

1)  Newer, stricter, mysql doesn't like columns w/o defaults.  That's an SA Chat issue, it should provide a default.  Wasn't a problem on older environments.

2)  Error logging issue.  One of the hooks is getting called quite early, and if there is an issue, our mysql code cannot report it properly.  Pretty sure this is a problem with SMF.  Only exhibits when there are db-level errors, like #1 above.

3)  IE-only issue.  I still suspect this is due to IE not liking the BBC setting. 

I'll test a bit more, & if confirmed, post findings in SA Chat thread.
Address the process rather than the outcome.  Then, the outcome becomes more likely.   - Fripp

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
Re: mod_security problem?
« Reply #25 on: March 14, 2019, 05:09:26 PM »
Just getting back to this.  Will have to see what I have from last night, was working on multiple installs on different servers with different databases, it was late.  I'll try to replicate the glitch by dropping the chat tables and reinstalling mod.  It seems to fail differently in different environments.  GD server is running MySQL 5.6.39 in Apache, my server runs MariaDB 10.0.16 in LiteSpeed.

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
Re: mod_security problem?
« Reply #26 on: March 14, 2019, 06:59:49 PM »
Replicated no-post problem, setting 'inactive' to Null fixes it.  Installed mod on GD production forum, made fix, works fine in FF65, still have login problem in IE11.  What could make things worse?  While I'm viewing chat in FF, another admin sees it's working, posts a message, asked him which browser he's using (wait for it):
 IE11.

Problem is in smf_settings, but it's not any of the 2sichat settings, and it only seems to affect my browser.


Offline shawnb61

  • Support Specialist
  • Sophist Member
  • *
  • Posts: 1,152
    • sbulen on GitHub
Re: mod_security problem?
« Reply #27 on: March 14, 2019, 10:48:29 PM »
I cannot replicate the IE issue, IE works fine for me.  I had my suspicions on the BBC settings, but no, when enabled, BBC works fine in IE. 

I suspect your IE issue is local & not settings related (or it would have failed for the other admin, too).  My initial suspicion is JQuery support & versions...   IE is very picky there, & SA Chat uses JQuery. 

Note that Mysql got more strict by default with 5.7...   Older versions can be configured to be more strict, & newer versions can be configured to be looser.  So it may not just be a mysql version, but a mysql setting affecting the behavior. 

But either way, SA Chat should either provide a value or set a default value when storing messages.  Providing a default is a valid solution. 
Address the process rather than the outcome.  Then, the outcome becomes more likely.   - Fripp

Offline Sir Osis of Liver

  • SMF Hero
  • ******
  • Posts: 8,739
Re: mod_security problem?
« Reply #28 on: March 15, 2019, 12:43:50 AM »
IE works on test forum on same server running same mods, until I import smf_settings from prod forum, that causes login problem.  It's not a 2sichat setting, it's something else.  Will have another go tomorrow.  Left chat mod running on prod forum, hope to get some feedback from members.