WordPress.org

Ready to get started?Download WordPress

Forums

Yet Another Related Posts Plugin (YARPP)
[resolved] YARPP causes server crash (4 posts)

  1. richards1052
    Member
    Posted 3 years ago #

    I just tried to upgrade to the latest version of YARPP (3.3.1) and it caused my Hostgator (shared) server to crash. I can't figure out if this is HG's problem or the plugin is causing the problem.

    I just wanted you to know that both times I tried to upgrade I crashed the server. I've never had this happen before w. a WP plugin.

  2. richards1052
    Member
    Posted 3 years ago #

    Here’s the specific security error generated by my log:

    Wed Jun 08 03:27:26 2011] [error] [client 223.204.134.118] ModSecurity: Access denied with code 403 (phase 2). Match of "rx (/wp-content/plugins/one-click-plugin-updater)|(www/delivery/ajs.php)|(www/admin/dashboard.php)|(/wp-content/(themes|uploads)(?:/(\\\\w+))*/(tim)?thumb.php|/pl/download\\\\?file=http|/index\\\\.php/admin/system_config/save/section/payment/|^/b/ss/mxmacromedi ..." against "REQUEST_FILENAME" required. [file "/opt/mod_security/hg_rules.conf"] [line "91"] [id "1234234"] [msg "JITP:1234234-RFI-REQUEST_FILENAME=cheapestlaptop.cheapandworth.com"] [hostname "www.richardsilverstein.com"] [uri "/tikun_olam/"] [unique_id "Te8ybkMSE@IAAGKbHmIAAABH"]

    The cheapestlap.com filename looks absolutely weird. IS that spam or should that be called as part of the upgrade? It appears the error is being caused by the one-click plugin updater, which may not be related to your plugin specifically. But whatever it is this is one helluva strange set of behaviors.

  3. mitcho (Michael Yoshitaka Erlewine)
    Member
    Plugin Author

    Posted 3 years ago #

    Just to clarify, as per our email correspondence, this issue was *not* due to YARPP and was your hosting company's misconfiguration of your server. Glad the issue was resolved! :)

  4. richards1052
    Member
    Posted 3 years ago #

    No, not a misconfiguration on the host's part. For some reason they set a security exception for scripts downloading files in the manner that the one-click plugin updater does because they had someone take down their server w. a script that operated in a similar way.

    But they're trying to get my site whitelisted so this doesn't happen again.

    And no, it wasn't the fault of YARPP.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic