|
Joined: Jan 2007
Posts: 24
newbie
|
newbie
Joined: Jan 2007
Posts: 24 |
First off hello name is Rob, Webmaster for DieselRam.com. Recently upgraded from the stone age from 3.0 to 7.0 . My q's are this . Does the control panel have a REINDEX for the forums? Some members experiance a 404 FORBIDEN TO POST in some of the topics. And since the change I have lost crucial links to older threads when I was using 3.0 Any help is appreciated If one so chooses to call me send me a PM.
|
|
|
|
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
|
Former Developer
Joined: Jun 2006
Posts: 9,242 Likes: 1 |
Wow, 3.0....that's back from like '99 or 2000 No reindex in the control panel as it's something that is no longer needed. 404 sounds like it can't find the page, possibly a link to an old script. Can you get them to post the full url that they are being sent to when they get that error. As for the missing links. Are those links that were made within posts or from somewhere else?
|
|
|
|
Joined: Jan 2007
Posts: 24
newbie
|
newbie
Joined: Jan 2007
Posts: 24 |
As far as the 404 it is not an old script as it is in the new forum . Such as a new topic was created the another member will try and reply and it gives them a 404 Forbiden.
The missing links,some threads older than DEC 22 we are not able to find. It as if none of the internal links are working.
Oh and 98 was when the site was created. So yes older than dirt.
|
|
|
|
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
|
Former Developer
Joined: Jun 2006
Posts: 9,242 Likes: 1 |
In the importer zip file there are a couple redirect scripts. If you take a look at those and edit them, following the comments, then you can place them in your old install. For example the ubb/ultimatebb.php link. There is a redirect script called ultimatebb.php that you'll need to upload and that will redirect people to the proper post.
|
|
|
|
Joined: Jan 2007
Posts: 24
newbie
|
newbie
Joined: Jan 2007
Posts: 24 |
Ok good . What about the 404 message?
|
|
|
|
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
|
Former Developer
Joined: Jun 2006
Posts: 9,242 Likes: 1 |
I'm not sure on the 404 yet. I have registered however on the site so if there is a specific one that's causing the problem then let me know and I'll see what I can find.
|
|
|
|
Joined: Jan 2007
Posts: 24
newbie
|
newbie
Joined: Jan 2007
Posts: 24 |
Noramally in the 12 valve Drivetrain section . It only happens to certain people but not all.
I just recieved a PM as one person can not due to 404 in the 3rd Gen NON drivtrain.
Last edited by DieselRam.com; 01/04/2007 10:32 PM.
|
|
|
|
Joined: Feb 2006
Posts: 3
stranger
|
stranger
Joined: Feb 2006
Posts: 3 |
Hi Rick vonTrapp here 0) The new UBB kicks arse as far as the interface goes! We sure did go from a Model T to a new Cummins Turbo Diesel! 1) The 404 errors are a little confusing. What we are getting is a 404 not found and a "permission denied" error. There appears to be no pattern as to WHY this is happening. For example, I was (and still am) unable to modify my signature. This is doubly ironic since I have admin access on the site The following error is returned: Forbidden You don't have permission to access /forum/ubbthreads.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. ----------------------------------------------------------------- Apache/1.3.37 Server at www.dieselram.com Port 80Other users are also getting the same error message, but this time it seems they are having trouble posting to certain forums. 2) Possibly related, and just FYI. Right after the upgrade, we had 6 new user groups created that I had never seen before. These are titled "OLD_FORUM_30", 35,45,11,12,48. I was about to delete them, but thought I'd mention them first. They appear to be garbage, although the moderators always seem to have appeared in the group. 3) You'll have to walk me through the zip file. Talk to me like I'm a kindergarten student! I know just enough about this forum to be dangerous The redirect script really needs to be run. 4) Also, seeing as the URL prefix is different, would results from www search engines be all messed up too? Thanks VT
UBB Noob Warning!
|
|
|
|
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
|
Former Developer
Joined: Jun 2006
Posts: 9,242 Likes: 1 |
I think the quickest way to get to the bottom of the permission denied 404 errors is if you can open a trouble ticket with ftp information as well as admin access to the site (preferably yours since you are getting the error when trying to update your signature). With that I should be able to do a bit of debugging to see exactly what's going on.
As for the zip file. Basically, the importer zip for classic had 2 files, ultimatebb.php and ultimatebb.cgi. If you open those up they are pretty heavily commented on what you need to change. THe ultimatebb.php script will go into the original ubb directory, and the ultimatebb.cgi script will go into your cgi directory that held the original classic scripts.
Once those are in place the search engines should redirect from the old links to the new ones as well.
|
|
|
|
Joined: Jan 2007
Posts: 24
newbie
|
newbie
Joined: Jan 2007
Posts: 24 |
Rick I can do this for you now ,add you as a Admin guy.
|
|
|
|
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
|
Former Developer
Joined: Jun 2006
Posts: 9,242 Likes: 1 |
The big thing will be trying to duplicate the permission denied error. I've been fiddling around a bit to see if I can duplicate it but no such luck, everything seems to be working fine. So, will probably need the login info for someone who is having the problem.
|
|
|
|
Joined: Feb 2006
Posts: 3
stranger
|
stranger
Joined: Feb 2006
Posts: 3 |
Rick
Rob and I just ran a little experiment. It seems the 404 errors are related to the IP address of the user. We switched user names and logged in...he had no problem updating my signature (he's in the US, I'm in Calgary). The first time that is...
On the second attempt, it started returning the Permission Denied report. Third attempt it worked. :pWe're messing with it as I type this.
UBB Noob Warning!
|
|
|
|
Joined: Feb 2006
Posts: 3
stranger
|
stranger
Joined: Feb 2006
Posts: 3 |
Rick...ummm, what is an installer zip? I did not do the site upgrade. Looking on the current server, I don't see any zip files (sorry, I told you I was a noob!)
UBB Noob Warning!
|
|
|
|
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
|
Former Developer
Joined: Jun 2006
Posts: 9,242 Likes: 1 |
It's actually the importer zip file. In the members area here there is a zip file called classic_import.zip. This has the redirect files that I was talking about.
|
|
|
|
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
|
Former Developer
Joined: Jun 2006
Posts: 9,242 Likes: 1 |
Hmm, that's is extremely odd about how it works for him and not for you. Do you have access to the webserver error logs? Curious if maybe there might be more information in there.
On another note. If you want to bump me to admin on your forums, display name of RickBaker, then I'll peek around at the various settings to make sure everything looks good.
|
|
|
|
Joined: Jan 2007
Posts: 24
newbie
|
newbie
Joined: Jan 2007
Posts: 24 |
Wow I finally got back in.
My question to you is ,Was the 6.73 version ran first before the 7.0 version for our upgrade?
|
|
|
|
Joined: Jan 2007
Posts: 24
newbie
|
newbie
Joined: Jan 2007
Posts: 24 |
Rick found out what the phrase is that gives you this 404 or atleast one anyway.
Go into the website and find a thread and type in "cat is pregnant".
|
|
|
|
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
|
Former Developer
Joined: Jun 2006
Posts: 9,242 Likes: 1 |
I believe so, I worked with Skip on the data that he transfered over and I believe he upgraded that portion prior to turning it over to me.
As for the 404. Ok, it definitely sounds like the mod_security issue. Although that is quite the odd phrase. How about just "pregnant", does that result in the same thing?
|
|
|
|
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
|
Former Developer
Joined: Jun 2006
Posts: 9,242 Likes: 1 |
Ok, just tested it. It will actually error on "Cat is". "Cat" works fine, and "pregnant" works fine, but it doesn't like "Cat is". That's just crazy. I can't imagine the reason for having that phrase in mod_security
|
|
|
|
Joined: Jan 2007
Posts: 24
newbie
|
newbie
Joined: Jan 2007
Posts: 24 |
Silly isn't it. I have a ticket in with them so we shall see.
|
|
|
|
Joined: Jun 2006
Posts: 16,366 Likes: 126
|
Joined: Jun 2006
Posts: 16,366 Likes: 126 |
It's cat with a string, "cat" doesn't do anything, but "cat __" triggers... the linux cat command is used to view the contents of a file; i'm sure "tail __" will error as well.
bascially that rule is to thwart users exploiting insecure scripts to utilize system commands, they don't want them to cat /var/www/html/config.php (or something similar)...
As i said, it's a really anal module...
|
|
|
|
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
|
Former Developer
Joined: Jun 2006
Posts: 9,242 Likes: 1 |
Yeah, "cat" anything will trigger it. Strange, they don't have a variety of other commands filtered that can do the exact same thing. more, less, head, print, etc. all work fine. Sounds like they were maybe just getting started setting it up, or something.
|
|
|
|
Joined: Jan 2007
Posts: 24
newbie
|
newbie
Joined: Jan 2007
Posts: 24 |
They have been around for a lttle while not sure how long. Hopefully they will get it corrected in the AM .
|
|
|
|
Joined: Nov 2006
Posts: 3,095 Likes: 1
Carpal Tunnel
|
Carpal Tunnel
Joined: Nov 2006
Posts: 3,095 Likes: 1 |
Dang... Giz beat me to it Guess that's what I get for doing real work
|
|
|
|
Joined: Jun 2006
Posts: 16,366 Likes: 126
|
Joined: Jun 2006
Posts: 16,366 Likes: 126 |
Yeah, "cat" anything will trigger it. Strange, they don't have a variety of other commands filtered that can do the exact same thing. more, less, head, print, etc. all work fine. Sounds like they were maybe just getting started setting it up, or something. They're likely using the builtin subset and haven't started tweaking; the default set of filters has a load of examples, I believe cat is one of them. Dang... Giz beat me to it Guess that's what I get for doing real work as usual, i am, the man :nod: lol
|
|
|
|
Joined: Aug 2006
Posts: 1,649 Likes: 1
Pooh-Bah
|
Pooh-Bah
Joined: Aug 2006
Posts: 1,649 Likes: 1 |
Funny... even tho I can't type the word lynx_, I can type in cat is pregnant and even cat /var/www/ just fine...
GangsterBB.NET (Ver. 7.6.1.1) PHP Version 5.6.40 / MySQL 5.7.23-23 (was 5.6.41-84.1) / Apache 2.4.54 2007 Content Rulez Contest - Hon Mention UBB.classic 6.7.2 - RIP
|
|
|
|
Joined: Jun 2006
Posts: 16,366 Likes: 126
|
Joined: Jun 2006
Posts: 16,366 Likes: 126 |
Funny... even tho I can't type the word lynx_, I can type in cat is pregnant and even cat /var/www/ just fine... That means that your host doesn't have those lines defined in their mod_security configuration ...
|
|
|
|
Joined: Aug 2006
Posts: 1,649 Likes: 1
Pooh-Bah
|
Pooh-Bah
Joined: Aug 2006
Posts: 1,649 Likes: 1 |
Really? Do you know of a way I can check the settings via cPanel? I don't see such options. I guess I could ask them what "everyday words" I can't use! lol
GangsterBB.NET (Ver. 7.6.1.1) PHP Version 5.6.40 / MySQL 5.7.23-23 (was 5.6.41-84.1) / Apache 2.4.54 2007 Content Rulez Contest - Hon Mention UBB.classic 6.7.2 - RIP
|
|
|
|
Joined: Jun 2006
Posts: 16,366 Likes: 126
|
Joined: Jun 2006
Posts: 16,366 Likes: 126 |
Most things in the configs are strings, it's nto formed to check for everyday words, some words just fit in the filtered strings. And there is no way to see the config, they'd have to sen dyou the config file; which, for security, they're doubtful to do. You could go and download the module and tear it apart though
|
|
|
|
Joined: Nov 2006
Posts: 3,095 Likes: 1
Carpal Tunnel
|
Carpal Tunnel
Joined: Nov 2006
Posts: 3,095 Likes: 1 |
SSH lets me run CAT and TOP etc... My new account seems to run on a fairly good box with low usage at the moment.
.
|
|
|
|
Joined: Jun 2006
Posts: 16,366 Likes: 126
|
Joined: Jun 2006
Posts: 16,366 Likes: 126 |
SSH lets me run CAT and TOP etc... My new account seems to run on a fairly good box with low usage at the moment. That's SSH, we're talking about the apache Mod_Security module which doesn't allow some webpages to load (or forms to be submitted) if they contain some strings (such as CAT, TOP, SAR, etc)
|
|
|
|
Joined: Nov 2006
Posts: 3,095 Likes: 1
Carpal Tunnel
|
Carpal Tunnel
Joined: Nov 2006
Posts: 3,095 Likes: 1 |
Okay, but then curious how one would use a PUT statement to a page to run a CAT command?
I'm not a Webmaster and have not tried to hack a Linux box, so curious how that is an issue.
.
|
|
|
|
Joined: Jun 2006
Posts: 16,366 Likes: 126
|
Joined: Jun 2006
Posts: 16,366 Likes: 126 |
'eh you type: "cat wash" and it puts it on the page, anytime something is entered with the string it errors.
If you think to some phpbb issues in the past you can see why this is used, they allowed users to indicate commands which would relay the output to the browser, so you could index.php?style=cat%20/etc/shadowed and it'd display the contents of the file you're looking for... pretty dirty.
|
|
|
|
Joined: Nov 2006
Posts: 3,095 Likes: 1
Carpal Tunnel
|
Carpal Tunnel
Joined: Nov 2006
Posts: 3,095 Likes: 1 |
Doh! so simple I couldn't see the forest due to all the trees.
Thanks
|
|
|
|
Joined: Jun 2006
Posts: 16,366 Likes: 126
|
Joined: Jun 2006
Posts: 16,366 Likes: 126 |
lol np
|
|
|
|
Joined: Jan 2007
Posts: 24
newbie
|
newbie
Joined: Jan 2007
Posts: 24 |
Rehashing this 404 Forbidden garbage.
Must be computor illiterate but where do I install this?
.htaccess file under your forums folder (create .htaccess if there isn't one),
SecFilterEngine Off SecFilterScanPOST Off
|
|
|
|
Joined: Jun 2006
Posts: 16,366 Likes: 126
|
Joined: Jun 2006
Posts: 16,366 Likes: 126 |
Generally your .htaccess file would be in your web root (the bottom most directory which can be accessed from the web).
Files that start with a . are marked as "hidden" so you'll need to make sure that you have an FTP client that is capable of listing "hidden files".
Generally most hosts include a basic .htaccess file, if one is not presant, just save your input to a file (any name will do) and upload it to your webspace, and rename it to .htaccess.
The reason I say to rename the file on the server is because Windows does not like files that start with a .
Also, use of .htaccess files only work for Apache webservers.
|
|
|
|
Joined: Nov 2006
Posts: 3,095 Likes: 1
Carpal Tunnel
|
Carpal Tunnel
Joined: Nov 2006
Posts: 3,095 Likes: 1 |
Your host has to also enable .htaccess files for your site from my understanding of it (most seem to allow it).
|
|
|
|
Joined: Jun 2006
Posts: 16,366 Likes: 126
|
Joined: Jun 2006
Posts: 16,366 Likes: 126 |
Likely the permissions for .htaccess will be "basic", I'm not sure if you'd be able to disable these elements in this mode... But theres only one way to find out lol..
|
|
|
0 members (),
1,448
guests, and
60
robots. |
Key:
Admin,
Global Mod,
Mod
|
|
|
|