acon

Hi Marcel @mpol ,

Thanks for confirming that and for the tips to import our data. I have Notepad++ (not a coder though) but didn’t know it can be used to convert CSV encoding. Will have to do some research and experiments. My scraping tool allows me to export the data as a G sheet, a CSV file or a JSON file. The characters on the G sheet look fine, but they become unidentifiable symbols on the CSV. Have tried the JSON file yet.

No worries. I reckon this just need to be done by trial and error.

Regards,

Acon

Hi Marcel @mpol ,

Perfect! Our current guestbook has no threading too. I’ll start trying your plugin as soon as we got the crawled CSV file.

One more question: I saw Chinese (Taiwan) as one of the supported languages. That’s exactly what we need. Does it mean we can switch to that language with one click in the plugin dashboard without needing to translate everyone single word in the UI?

By the way the current entries on our guestbook are encoded in BIG5, which is used for traditional Mandarin Chinese characters in Taiwan. Is your plugin compatible with this encoding format? If your plugin only supports Unicode, what would you recommend to do the conversion?

Thanks again.

Regards,

Acon

Hi Marcel @mpol ,

I’m glad that you read my question here. Thanks for your detailed reply.

I checked the link you provided and it’s good to know that the longtext field can contain so much info (who’s going to submit an entry with 4GB of text? ?? ).

As for the backlinks, we need to find a way to redirect all comment link addresses (yes the permalinks of all entries) to the new ones in your guestbook plugin. I purchased a plugin called Permalink Manager Pro a while ago and will see if it can help.

Two questions about your reply here:

I assume indexing might help. Using a single field for status might help as well. That might need to be looked into in the future for this plugin.

My knowledge covers almost zero percentage about the database technology so could you please tell me more about how to do the “indexing” or “single field for status”? Are these something that I need to do with the CSV file?

Please be aware that this guestbook has no threading. If you have threading in your discussions you could look into standard comments.

Could you please explain what “threading” is?

Thanks. ??

Regards,

Acon

Hi @nintechnet

Good news! The user session error has disappeared when I reload the page.

Thanks so much for your time and help. Now I can start learning how to set up the firewall properly.

Hope you have a wonderful weekend.

Regards,
Acon

Hi @nintechnet

Thanks for the tip. I’ve used this manual way to activate the full WAP mode. No fatal error showed. The site is still running and my WP dashboard is too.

However, these came up in my NinjaFirewall dashboard:
https://prnt.sc/204y1ql

This showed when I hit the “View error log” (The first line was from a time before the full WAF mode. Don’t know what that is too.):
https://prnt.sc/204y34w

Regards,
Acon

• This reply was modified 3 years, 3 months ago by acon.

Hi @nintechnet

I don’t understand what you mean. I added these directives into wp-config.php manually but they didn’t work.

Where can I find the Full WAF installer? And how to run the installer over FTP?

I’m totally confused here.

Hi @nintechnet

I added these two lines into wp-config.php, restarted Apache and PHP-fpm, tried to activate the Full WAF mode (and failed) several times, but there is no debug.log generated under the /wp-content folder…

Any thoughts?

Regards,
Acon

Hi @nintechnet

I checked my /var/log/ directory and /var/log/apache2/ directory and these are what I found:

(1) in /var/log/apache2/ there are error.log, error.log.1, error.log.2.gz, etc. I tried to combine the lines within the time frame that the crash happened, which was late night on the 13th (1 day and 18 hours ago), but I didn’t see anything with 503 or NinjaFirewall related though.

[Fri Nov 12 06:25:01.825501 2021] [mpm_event:notice] [pid 23187:tid 140102092934080] AH00489: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1 configured -- resuming normal operations
[Fri Nov 12 06:25:01.825528 2021] [core:notice] [pid 23187:tid 140102092934080] AH00094: Command line: '/usr/sbin/apache2'
[Fri Nov 12 07:54:29.108660 2021] [mpm_event:notice] [pid 23187:tid 140102092934080] AH00491: caught SIGTERM, shutting down
[Fri Nov 12 07:54:45.273652 2021] [mpm_event:notice] [pid 1069:tid 140011440851904] AH00489: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1 configured -- resuming normal operations
[Fri Nov 12 07:54:45.397606 2021] [core:notice] [pid 1069:tid 140011440851904] AH00094: Command line: '/usr/sbin/apache2'
[Fri Nov 12 16:48:41.521098 2021] [core:error] [pid 1848:tid 140010984654592] [client 193.118.53.210:51160] AH00126: Invalid URI in request HEAD /icons/.%2e/%2e%2e/apache2/icons/sphere1.png HTTP/1.1
[Sat Nov 13 06:17:19.544080 2021] [access_compat:error] [pid 1848:tid 140010875504384] [client 34.65.161.168:11214] AH01797: client denied by server configuration: /var/www/html/
[Sat Nov 13 06:25:01.710105 2021] [mpm_event:notice] [pid 1069:tid 140011440851904] AH00493: SIGUSR1 received.  Doing graceful restart
[Sat Nov 13 06:25:01.757175 2021] [mpm_event:notice] [pid 1069:tid 140011440851904] AH00489: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1 configured -- resuming normal operations
[Sat Nov 13 06:25:01.757203 2021] [core:notice] [pid 1069:tid 140011440851904] AH00094: Command line: '/usr/sbin/apache2'
[Sun Nov 14 06:25:01.880331 2021] [mpm_event:notice] [pid 1069:tid 140011440851904] AH00493: SIGUSR1 received.  Doing graceful restart
[Sun Nov 14 06:25:01.939076 2021] [mpm_event:notice] [pid 1069:tid 140011440851904] AH00489: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1 configured -- resuming normal operations
[Sun Nov 14 06:25:01.939104 2021] [core:notice] [pid 1069:tid 140011440851904] AH00094: Command line: '/usr/sbin/apache2'
[Sun Nov 14 08:10:47.635919 2021] [proxy_fcgi:error] [pid 8853:tid 140010858718976] [client 45.146.164.110:47546] AH01071: Got error 'Unable to open primary script: /var/www/html/index.php (No such file or directory)\n'
[Sun Nov 14 09:49:12.379215 2021] [proxy_fcgi:error] [pid 7623:tid 140010825131776] [client 47.96.134.185:35400] AH01071: Got error 'Unable to open primary script: /var/www/html/wp-login.php (No such file or directory)\n'
[Sun Nov 14 12:56:07.004359 2021] [core:error] [pid 8853:tid 140010833532672] [client 45.146.164.110:46654] AH00126: Invalid URI in request POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1
[Sun Nov 14 23:42:35.027957 2021] [proxy_fcgi:error] [pid 8853:tid 140010808321792] [client 45.86.74.235:60541] AH01071: Got error 'Unable to open primary script: /var/www/html/xmlrpc.php (No such file or directory)\n'
[Mon Nov 15 05:12:33.909439 2021] [access_compat:error] [pid 8853:tid 140010791520000] [client 45.93.249.77:53778] AH01797: client denied by server configuration: /var/www/html/
[Mon Nov 15 06:25:01.544155 2021] [mpm_event:notice] [pid 1069:tid 140011440851904] AH00493: SIGUSR1 received.  Doing graceful restart
[Mon Nov 15 06:25:01.607017 2021] [mpm_event:notice] [pid 1069:tid 140011440851904] AH00489: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1 configured -- resuming normal operations
[Mon Nov 15 06:25:01.607057 2021] [core:notice] [pid 1069:tid 140011440851904] AH00094: Command line: '/usr/sbin/apache2'
[Mon Nov 15 08:03:57.671263 2021] [proxy_fcgi:error] [pid 17696:tid 140011018258176] [client 45.146.164.110:59552] AH01071: Got error 'Unable to open primary script: /var/www/html/index.php (No such file or directory)\n'
[Mon Nov 15 12:53:52.087685 2021] [core:error] [pid 17696:tid 140010816722688] [client 45.146.164.110:45362] AH00126: Invalid URI in request POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1
[Mon Nov 15 14:47:16.618291 2021] [proxy_fcgi:error] [pid 16904:tid 140011009857280] [client 42.51.55.157:49478] AH01071: Got error 'Unable to open primary script: /var/www/html/index.php (No such file or directory)\n'

(2) in /var/log there are <strong>php7.2-fpm.log</strong>, <strong>php7.2-fpm.log.1</strong>, etc and here are lines from 12th to 15th. Again didn't see anything with 503 or NinjaFirewall related.
 
[12-Nov-2021 20:37:32] NOTICE: exiting, bye-bye!
[12-Nov-2021 20:37:32] NOTICE: fpm is running, pid 27066
[12-Nov-2021 20:37:32] NOTICE: ready to handle connections
[12-Nov-2021 20:37:32] NOTICE: systemd monitor interval set to 10000ms
[13-Nov-2021 05:21:42] NOTICE: Terminating ...
[13-Nov-2021 05:21:42] NOTICE: exiting, bye-bye!
[13-Nov-2021 05:21:42] NOTICE: fpm is running, pid 30037
[13-Nov-2021 05:21:42] NOTICE: ready to handle connections
[13-Nov-2021 05:21:42] NOTICE: systemd monitor interval set to 10000ms
[13-Nov-2021 13:21:14] WARNING: [pool www] server reached pm.max_children setting (5), consider raising it
[14-Nov-2021 08:05:08] WARNING: [pool www] server reached pm.max_children setting (5), consider raising it
[15-Nov-2021 06:25:01] NOTICE: error log file re-opened

————-
I’m not a linux expert. Can you please have a look at these log lines? Or I’m looking at the wrong log files?

Regards,

Acon

Hi @nintechnet ,

Thanks for your reply. Here is what I did:

cd /var/www/mydomain.com/public_html/
touch .user.ini
sudo chown -R ubuntu:www-data .user.ini
sudo chmod 664 .user.ini

So now I had an empty .user.ini file with the right ownership and permission, but when I tried to activate the Full WAF mode again, another error message showed up:

NinjaFirewall detected that the requested changes seemed to crash your blog. The website front-end returned: HTTP 503 Service Unavailable.

Changes have been undone. You may need to modify your selection and try again.

What should I do now?

Regards,
Acon

• This reply was modified 3 years, 3 months ago by acon.

Hi @nintechnet

Thanks for your suggestions.

(1) I have my ownership and permissions as below:
($USER = my linux admin user, www-data = Apache server)

All directories and files under /public_html/ (including itself): $USER:www-data
except the /public_html/wp-content/, which belongs to www-data:www-data

ALL directories under /public_html/ (including itself) has 755.
ALL files under /public_html/ (including itself) has 644.
wp-config.php and .htaccess are exceptions. They have 664.

These are settings suggested by an online VPS/Ubuntu course for better security but I can change the settings if needed.

(2) When you say “it must only be accessible (and writable) by root“, which root are you referring? I thought the system root has 777 on all files. Or are you referring to the root user of NinjaFirewall or something else?

(3) Just wondering how the .user.ini works and why should I use it if my PHP settings are all in the existing php.ini? How would a new .user.ini impact my system?

Thanks in advance for answering my questions.

I hope you have a wonderful day.

Regards,
Acon

Hi @crossi72,

Thanks for your reply. To be honest I don’t know if this will help my SEO because (1) I don’t use the page attachment page URL on any pages or posts. I only use the real image file URL (e.g. mysite/uploads/2021/09/xxxx.jpg) and (2) when someone find (for some reason) and access the page attachment page URL, my SEO plugin will redirect him to the real image file URL above so nothing else will be shown. This move will help my SEO for sure.

The reason I asked this question is just for an aesthetic reason. When I use your plugin to change the file name I’m hoping to see everything getting updated accordingly. ??

Regards,

Acon

Thanks Niall @wpniall for solving this problem. ??

Same here. Based in Australia.

WooCommerce version: 5.4.0
Eway plugin version: 3.2.2

When the customers hit “Confirm and Pay”, nothing happens. No error, no message, no nothing.

In WordPress backend I can see the new orders and payments pending under WooCommerce orders.

• This reply was modified 3 years, 8 months ago by acon.

Hi Jose @giuse ,

Thanks so much!! It works like a charm.

I hope you can keep developing this fantastic plugin. I will definitely pay if you release a pro version with more features!

Regards,
Acon

Hi Tim @tneville,

No worries. I appreciate your time and help.

Have a nice weekend.

Regards,
Acon