No response from server

Home Forums Support Forum No response from server

Tagged: 

This topic contains 17 replies, has 2 voices, and was last updated by  Miquel Conesa 7 years, 5 months ago.

Viewing 15 posts - 1 through 15 (of 18 total)
  • Author
    Posts
  • #1616

    Hello,

    I’v migrated my site to another hosting provider (cloud hosting). Since then I can not activate the brute force protection functionality. In the previous hosting (shared one), the plugin funtionality was working good.

    Now the plugin does a compatibility test and then it ends with the “No response from server” error message.

    Having read your foro, It seems the issue could be related to the rewrite rules.

    Some background in case it can help:

    - WordPress is installed in a subfolder “public_html/subfolder/”, where the wp-config.php is located.

    - There are  .htaccess files in both the subfolder and in the root public_html.

    Thanks for your work in the plugin and your support,

    Miquel

     

    • This topic was modified 7 years, 6 months ago by  Miquel Conesa.
    #1618

    Anti-Malware Admin
    Key Master

    Does your new server run nginx or apache? rewrite rules only work in apache so my brute-force patch does not work in nginx.

    #1619

    The main server  is running Apache.  There’s asecondary  nginx server for static files.

    In case it can help understanding the scenario, below a link with a screenshot of the active services  running in the  cloud server.

    https://drive.google.com/file/d/0B8ZDp_ulQ7nyTjkycFBuYkJRQnM/view?usp=sharing

    Thanks.

    #1620

    Anti-Malware Admin
    Key Master

    Check your browser’s Error Console to see if there are any JavaScript errors on the page when you get the “No response from server” error message. Then check your servers’s error_log files to see if there is any indication as to what exactly is not working right.

    #1621

    The borwser console is printing this error:

    Refused to execute script from ‘https://keyelp.com/xxxxxxx/wp-content/plugins/gotmls/images/gotmls.js?SESSION=0′ because its MIME type (‘image/gif’) is not executable.

    I’ve checked  the folder and there is no gotmls.js  located in this directory .

    I hope this info can help.

    Thanks

    #1624

    Anti-Malware Admin
    Key Master

    Yes, there is no gotmls.js located in that directory, but there is a rewrite rule in the .htaccess file that is in that directory which should allow it to generate dynamic JavaScript content (not “image/gif” content).

    Can you test something for me? Can you make a new file called test.php in that same directory and put this code in that file:
    REQUEST_URI=
    < ?php echo htmlspecialchars($_SERVER["REQUEST_URI"], ENT_QUOTES); ?>

    Then call up that file in your browser and tell me what it says?

    #1628

    Seems to work OK:

    REQUEST_URI= /sp/wp-content/plugins/gotmls/images/test.php

    Screenshot attached:

    https://drive.google.com/open?id=0B8ZDp_ulQ7nyUFVEa0FyU2NDTWc

     

    For your information, in case it could be related with  this issue, I had to change the directory permissions and ownership, to be able of uploading (ftp) the test.php file.

    Does it make sense to uninstall and reinstall the plugin??

     

    Thanks,

    #1629

    Anti-Malware Admin
    Key Master

    That does seem to work as I expected, so I’m not really sure why the rewrite is not working correctly.

    The next step would be to put this code in your test.php file:
    < ?php
    if (preg_match('|(.*?/gotmls\.js\?SESSION=0)|', GOTMLS_script_URI, $match))
    print_r(array(GOTMLS_script_URI=>$match));
    else
    print GOTMLS_script_URI;
    ?>

    #1630

    I tried this script, but it seems the constant  GOTMLS_script_URI is not defined.

    The script is printing it as a string. See screenshot with PHP error messages:

    https://drive.google.com/open?id=0B8ZDp_ulQ7nyS1h4NG96VmphSUk

     

    I’ve taken the initiative to do a further test, by pasting the small script  at the end of the index.php file . I’m assuming the constant is defined in this file. When calling the modified index.php file, a small square was printed at the top left side where before it used to print a small GOTMLS logo.

    I’ve reverted the change. Still the small square is printed. Below a link to the screenshot with the square, just in case it has any importance…

    https://drive.google.com/open?id=0B8ZDp_ulQ7nyTE9QWHhMWndXbzg

    Thanks

    #1633

    Anti-Malware Admin
    Key Master

    Ah, yes. Now try changing the .htaccess file in that directory so that it redirects to test.php instead on index.php and then call up that gotmls.js path in your browser.

    #1634

    I’ve changed the htacces a per your indications, and the same php message was printed. ?undefined constant’ (screenshot attached).

    https://drive.google.com/file/d/0B8ZDp_ulQ7nyaWFFZjBTMkIteVk/view?usp=sharing

    Again I’ve done a furtehr test. Now I’ve copied your script followed by an ‘exit;’ instruction above line 94 of the index.php file, where I’ve seen you’re checking the content of this constant. This time it printed:

    /sp/wp-content/plugins/gotmls/images/gotmls.js&mt=1474278354.9215

    screenshot:

    https://drive.google.com/file/d/0B8ZDp_ulQ7nyeXhRNDI5aFRXVVE/view?usp=sharing

    Hope it helps. Thanks.

     

     

     

    #1638

    Anti-Malware Admin
    Key Master

    I am not getting that same result so I think you must have put more code in there from the index.php file. I am trying to debug and isolate the exact conditions that are not being met for the if statement to produce that error you are getting. Would it be possible for you to create an admin login for me so that I can login to this site and debug the code in-place?

    If so, You can email the login details dorectly to me: eli AT gotmls.net

    #1643

    Hello,

    Somedays ago, I sent by email  the credentials to go into the site.

    Did you receive it and manage to check the issue yet?

    One more question. Can the brute forze protection be enabled on other login pages, apart from the  default wp-login.php?

    I mean, my site has another login page (deployed by the Woocommerce plugin). Is there a way to configure  GOTMLS to protect this other page too?

    Thanks.

    #1662

    Hello again,

    Did you have the chance to check it yet?

    If you think you’re not going to do it in the near futre, let me know, as I would remove the sever clone. It’s been created just for this test and it’s costing some money.

    Regarding my question above: “Can brute forze protection be enabled for other login pages?” If the answer is not, as I think it is, then I’d probaly just block the access to wp-login.php, as the normal user flow is registering on other forms in the website.

    I’d then use the plugin for virus scannning and forget about brute force.

    Thanks,

    Miquel

     

     

    #1663

    Anti-Malware Admin
    Key Master

    I have spent quite some time debugging multiple issues on this test site that you gave me access to. First, I found that some of the rules in your .htaccess files were preventing the rewrite rule in my plugin directory from working properly. After fining a workaround for that problem I found that your server was not able to save and retrieve a session file. The directory where session files are stored has the following permissions: drwx-wx-wt

Viewing 15 posts - 1 through 15 (of 18 total)

You must be logged in to reply to this topic.

Comments are closed.