• Resolved neotechnomad

    (@neotechnomad)



    I cannot login to any of the sites I admin since the plugin update to 1.8.6.
    I have to rename the Sucuri plugin via FTP and then I am allowed to login – then rename the plugin via FTP back again.
    I can navigate the Dashboard, but when I logout, I cannot log back in.

    Please fix this.

Viewing 15 replies - 31 through 45 (of 46 total)
  • I can’t believe you have not withdrawn this bad code! It was reported to you more than 24 hours ago that it seriously breaks our websites. I suggest you issue a new update that just has the old code. Really, this is unacceptable.

    Plugin Author Daniel Cid

    (@ddsucurinet)

    I apologize for the issues. We are working on a fix and it should be resolved soon. It doesn’t affect every plugin user, but some sites are having high latency when reaching out our API server, which is causing the timeouts.

    thanks,

    Thanks Daniel. Keep us updated.
    I’ve noticed that issue doesn’t arise on the sites that I had already had the IP Address Discoverer disabled. In those cases the update works without a hitch.

    Also when running through the previous mentioned recovery processes. I don’t get the option to Generate the API Key again, because it is already generated. I agree with Linn, maybe it is because I’m optimizing through PHPMyAdmin.

    Thanks for your help. Look forward to the resolution.
    I sleep better having Sucuri running on my sites.

    Plugin Author Daniel Cid

    (@ddsucurinet)

    This should be fixed on v1.8.7. Please try it out and let us know.

    Again, sorry for the trouble it caused :/

    Plugin Author yorman

    (@yorman)

    Hello everyone. Thank you for your patience. We just released version 1.8.7 which includes, among many changes, one that targets the issues that you are all experiencing in your websites. Please update and let me know how it works for you. The slowness that you were noticing was causing by a bottleneck in one of the plugin components, this new version implements a queue system that will act as a secondary layer of storage before the security logs are sent to the API service.

    @ddsucurinet
    @yorman

    Not working…
    I upgraded on my main site and now I am locked out.
    I cannot load any page of my site and the site times out.
    I cannot load the wp-login.php either.
    Cleared all the cookies in Firefox browser and related cookies and data on my computer and still cannot load my site – neither the site itself nor the wp-login.php

    Update…

    Renamed the sucuri-scanner directory and still am locked-out – site still times out.

    ====================
    The connection has timed out

    The server at http://www.artscendent.com is taking too long to respond.

    The site could be temporarily unavailable or too busy. Try again in a few moments.
    If you are unable to load any pages, check your computer’s network connection.
    If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.
    ====================

    • This reply was modified 1 year, 3 months ago by  neotechnomad. Reason: Additional Info

    More Info…

    From the error log of the site:

    ===
    [29-Jun-2017 17:39:20 UTC] PHP Warning: Cannot modify header information – headers already sent by (output started at /home/***/public_html/wp-content/plugins/sucuri-scanner/src/interface.lib.php:317) in /home/***/public_html/wp-includes/pluggable.php on line 1210
    ===

    Plugin Author yorman

    (@yorman)

    @neotechnomad — I just pushed this commit [1] to our alpha repository, the warning that you see in the logs seems to be related to an admin alert that we added in two previous versions of the code to invite people to subscribe to our newsletter. The alert is designed to be printed to the page once and then it sets an option to tell the plugin to stop showing the alert again, if the plugin has no access to write that option it will keep showing the alert.

    Version 1.8.7 fixes this but I probably missed another edge case because during our tests we didn’t see any problem with it. The commit mentioned above adds another condition to display the alert only when the user is viewing one of the plugin pages, so it should not be printed in the login page nor the rest of the admin dashboard.

    If you have FTP access, please install it this version [2] and let me know if it fixes the issues in your website, once we have tested this patch we will release a public version so other people can install it.

    [1] https://github.com/cixtor/sucuri-wordpress-plugin/commit/1062efe
    [2] https://github.com/cixtor/sucuri-wordpress-plugin/archive/master.zip

    the update has not resolved anything for me (tested on 9 installs over 3 vps — same timing out). It’s still timing out while trying to do api calls. From what i can see in my logs its timing otu specifically at the part where it’s calling curl.

    Please keep us in the loop as this has cripples my corporate site for a few hrs until we managed to narrow it down to your plugin 🙁

    Great work otherwise!

    Plugin Author yorman

    (@yorman)

    @igglepuff — for now, and until we find a definite solution to the timeouts, please disable the API communication from the plugin’ settings page. Then enable the “Log Exporter” from the general panel located in the same page, this will force the plugin to stop executing HTTP requests and instead will write all the logs into a flat file in your own server, the location of the file is determined by you in the “Log Exporter” panel, this should definitely fix the issue for your specific case, once we have a definitive solution for the timeouts we will release another update.

    I’ve just tested the latest commit and it seems to have resolved the issue in my case! I can login, create users, etc. essentially use any form submission now that calls your api and it’s no longer timing out

    TY for the attention to this!

    @yorman

    FTP installed Sucuri from master file.
    Can login.
    Disabled API communication.

    Cannot activate Log Exporter.
    Created directory:
    “/home/***/public_html/wp-content/uploads/sucuri-log-exporter”
    …but Sucuri does not accept as:
    “SUCURI: File parent directory is not writable.”

    Is there a directory path I should be using instead?

    Though, on the up-side, I have full access to my site. 🙂

    Additional info…
    Though logging out still takes me to 404 page, not the wp-login.php logout.

    • This reply was modified 1 year, 3 months ago by  neotechnomad. Reason: Additional info

    @ddsucurinet
    @yorman

    Summary so far…

    – Unzipped and uploaded suggested https://github.com/cixtor/sucuri-wordpress-plugin/archive/master.zip
    – Gained acces to site.
    – Disabled API communication.
    – Cannot activate Log Exporter after created directory:
    “/home/***/public_html/wp-content/uploads/sucuri-log-exporter”
    – Attempted different versions of above file path (shorter, etc.)
    – Sucuri does not accept as:
    “SUCURI: File parent directory is not writable.”

    Now, again, have no access to site at all – neither the site or the wp-login.php.
    Request times out.

    Renamed ‘sucuri-scanner’ directory to ‘sucuri-scannerXXXX’ with no positive results.
    Still completely locked out and request times out.
    There are no error logs in the site to reference.

    Update…

    Something about this problem seems to have either a time factor or a factor accruing the number of times logging in within a certain time period.

    I accessed my site and could login to the admin. I perform a couple of functions, including instaling another plugin, within the site, then I logged out.
    I accessed the site’s main landing page and a couple of secondary pages, then decided to log in again.
    I could.
    I corrected an error in a post, then logged out.
    Visiting the corrected post, I noticed another error in the text, so I went to wp-login, but it would not load and timed out.
    I attempted to load the site’s main landing page, but it would not load and timed out.

    Two of my clients updated to 1.8.7 after I informed them not to and now they cannot access their sites except for intermittently as described above.
    I gained access to their sites and disabled API communication, but cannot activate Log Exporter on either of them – it will not accept the flie path for either site.
    I surmise that you are still working on a solution.

Viewing 15 replies - 31 through 45 (of 46 total)
  • The topic ‘Cannot Login Since 1.8.6 Update’ is closed to new replies.