Greg Marshall
Forum Replies Created
-
@reneesoffice You’re welcome! Hope the info I gave is helping to resolve the issue
Hello,
You’re welcome, we have our own servers running cPanel on CentOS.
Mod Security using Comodo WAF Rules. – https://modsecurity.comodo.com/
Typical CSF firewall setup – https://www.configserver.com/cp/csf.htmltemporarily disabling the rule while you complete authentication does seem to be enough. After re-enabling I’ve not been asked to re-auth.
Logs:
lfd[30134]: (mod_security) mod_security (id:210580)[Thu Dec 19 15:49:06.849843 2019] [:error] [pid 26121:tid 46936046700288] [client ###.###.###.###:58273] [client ###.###.###.###] ModSecurity: Access denied with code 403 (phase 2). Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||my.domain.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/www.googleapis.com/auth/analytics.edit https:/www.googleapis.com/auth/analytics.manage.users https:/www.googleapis.com/auth/analytics.readonly https:/www.googleapis.com/auth/analytics https:/www.googleapis.com/auth/webmasters https:/www.googleapis.com/auth/siteverification openid https:/www.googleapis.com/auth/userinfo.profile https:/www.googleapis.com/auth/userinfo.email"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "my.domain.com"] [uri "/"] [unique_id "Xfub8mqWIlJZPlDJIyQcZwAAAIw"], referer: https://accounts.google.com/signin/oauth/consentsummary?authuser=(removed)=en&as=###&approvedScope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fanalytics.edit%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fanalytics.manage.users%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fanalytics.readonly%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fanalytics[19/Dec/2019:16:17:43 +0000] XfuiplW00apbP@ermTUgFAAAABE ###.###.###.### 25281 ###.###.###.### 443 Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client ###.###.###.###] ModSecurity: Access denied with code 403 (phase 2). Matched phrase ".profile" at ARGS:scope. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||my.domain.com|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/www.googleapis.com/auth/analytics.edit https:/www.googleapis.com/auth/analytics.manage.users https:/www.googleapis.com/auth/analytics.readonly https:/www.googleapis.com/auth/analytics https:/www.googleapis.com/auth/webmasters https:/www.googleapis.com/auth/siteverification openid https:/www.googleapis.com/auth/userinfo.profile https:/www.googleapis.com/auth/userinfo.email"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "my.domain.com"] [uri "/"] [unique_id "XfuiplW00apbP@ermTUgFAAAABE"]Forum: Plugins
In reply to: [Equal Height Columns] PHP 7.2 & count()I just upgraded multiple WP sites from PHP 7.0 and 7.1 to 7.2 and my server logs are now filling up with this issue too from the sites using this plugin
PHP Warning: count(): Parameter must be an array or an object that implements Countable in /wp-content/plugins/equal-height-columns/admin/class-equal-height-columns-admin.php on line 248Forum: Plugins
In reply to: [W3 Total Cache] W3TC Not showing dedicated server caching optionsI use mod_pagespeed with w3tc
When you flush your w3tc cache it should also invalidate the pagespeed cache (if not empty your pagespeed cache manually) once w3tc regenerates your files and page cache you will then need to load your site a good number of times. Pagespeed normally only starts to work once your site gets visitors and requests are made. As far as I am aware it will not auto prime like w3tc can do. So you need to wait for pagespeed to rebuild its own cache normally by requesting the page a number of times this can obviously take a while and can also hammer the CPU until its generated everything, but after that obviously your good.
Also if W3TC does a good job and there is nothing left for mod_pagespeed to do it will also not optimise and rename your files. Which is good otherwise you’d waste all sorts of resources
You also need to check your pagespeed conf to check and see what filters and options are enabled. It can usually be found in /etc/apache2/conf.modules.d/456_pagespeed.conf (CentOS and EA4)
You can also get pagespeed to log to your apache logs. If you have the time it will show you everything its done (you may have to enable loggin via the .conf file)
Forum: Plugins
In reply to: [W3 Total Cache] woff and woff2 don’t need compressionI believe Woff2 files are essentially compressed by Brotli anyway so if that is true Gzip would never be able to compress further unless brotli was using very low settings.
OP is correct if W3TC is trying to gzip woff2 then its a waste of resources.
Forum: Plugins
In reply to: [W3 Total Cache] Database Cache accessing incorrect databaseSwap out Memcache with Redis, redis lets you define how many Redis DB’s you want and W3TC lets you choose which Redis database to connect it to.
It works similarly to memcache and can be installed via YUM if you have root access. Redis docs are pretty good and its fairly easy to manage once you have a quick read.
Ypu can also set a max amount of RAM for Redis and configure key evictions to free up space when the memory runs out
Forum: Fixing WordPress
In reply to: Media library grid view infinitely loadingOk I think I worked it out.
Instead of uploading the media bit at a time via the uploader I was copying them to the folder (via ssh) then using a plugin to add to library. Which was fine, the actual problem seems to be from exporting and importing my sliders from my two slider plugins, even though their images originally came from the library, when imported they created their own folders in the uploads folder and put their images there (clever I guess in case my new import location didn’t have the same library set up)
Anyway I removed the 2 folders from the slider plugins and that seems to have fixed it. I still had the media in my library so I did a mix of search and replace and using the image picker to set the correct images.
So in short, removing the additional plugin folders from uploads fixed it for me. IF anyone wants to try the same backup your files first! Some plugins legitimately need folders in the uploads directory. So take a copy before deleting
@benbodhi thanks for your suggestion on the import files it put me in the right direction!
Forum: Plugins
In reply to: [W3 Total Cache] W3TC’s php_flag causing 500 Internal Server Erroryou are very welcome, although when removing the php_flags and aftersaving the file you should change the file permissions (chmod) on the .htaccess file to 444 removing the write access, that stops w3tc overwriting it until you can try @fistfullofcrisco recommendation or get into the browser cache page to remove the settings.
Forum: Plugins
In reply to: [W3 Total Cache] W3TC’s php_flag causing 500 Internal Server ErrorI think I have a solution that will help until a plugin update is done
Go to your browser cache settings page in w3tc (/wp-admin/admin.php?page=w3tc_browsercache)
For me I changed the first 3 settings under Security Headers to “leave as is” – they were set to enabled before that.
This removed the 3 php_flag options that caused my problems.
Here is a screenshot
Forum: Plugins
In reply to: [W3 Total Cache] W3TC’s php_flag causing 500 Internal Server ErrorI also have this issue. Its just cropped up in the last few days.
as a temporary fix I changed my .htaccess permissions to 444 (removing write access from the plugin) then removed the php_flag lines and saved.
Until there is a fix I will need to remain this way. Does anyone know the actual settings that set the php_flag variables? I’m thinking its on the Browser cache page
Forum: Fixing WordPress
In reply to: Media library grid view infinitely loadingThanks, I’ll need to transfer my changes over to the live site first so that will probably take some time before I can recreate the dev site and fix the issues
It intrigues me when these things happen, the reason I created the dev clone was because the live site started having issues so I decided to create a brand new install with fresh theme, plugins and core files and then just import the content and now I have a whole brand new issue….
I’ll post back when I get a chance to copy my changes over (manually) to the new site and recreate the dev clone and see if it still happens
Forum: Plugins
In reply to: [SVG Support] SVG Media library issuethanks !
Forum: Plugins
In reply to: [SVG Support] SVG Media library issueHi @benbodhi
I’ve checked further and it seems I infact have a WP issue, it was just more noticeable with the SVGs because there 3 sets of 38 icons and there was only about 50 in total showing… But I have since tried it without all the plugins and themes and it turns out that its happening to everything in the grid view. It loads so far and then AJAX seems to make infinite calls.
Ive created a separate thread for this https://wordpress.org/support/topic/potential-bug-media-library-grid-view-infinitely-loading/
if you have further insight I’d love to hear it
Thanks for responding
Forum: Plugins
In reply to: [SVG Support] Make SVG RepsonsiveHi there,
couldn’t see any SVG images on that page so off the top of my head…
SVG’s can be manipulated easily with CSS. You could always write up a media query to force the responsiveness or try setting your dimensions using either, %, vmin, vw or vh.
Personally I’d probably just set up media queries. Chances are your theme already has them built in so you could even add to the existing media queries and just set something for your svg class inside them. IF not a quick google will give you some of the commonly used queries for devices
Hi, I have this issue too,
have attempted to deactivate plugins but it still seems to show the notice. I also need all my active plugins.
Is there a way we could permanently suppress this message? I have far too many notifications building up !
I also just installed your plugin today so I was certainly never using v2.3 either.