I have a multisite Drupal 7 setup. I just noticed that on the one I'm working on, I can't upload any files at all. I tried using the file upload, and IMCE in it's file browser. I just keep getting a generic file can't be uploaded error. I have two other sites on the shared system, and they work fine. I have checked and rechecked all the file permissions and ownerships, and they are exactly the same. All the file settings, permissions, etc. on all three Drupal sites in the admin sections are the same. I'm at a loss of where to look next. The server error logs are no help, as well as the dblog in Drupal. Any ideas would be great because I've been looking at this for too long now.
It looks like I fixed this finally. The solution still doesn't seem to make any sense, but it works. I had to change the group ownership to apache instead of the default Plesk owner. The other sites work with the group owner as Plesk, so it doesn't make sense to me. At least it works.
Related
I'm new to OFBiz and having trouble making it work on production. I'd appreciate it very much if you could help me to narrow down or even better solve the problem :-)
I was able to able to run OFbiz successfully at localhost and access data that came with the project (ex: https://localhost:8443/webtools/control/entitymaint)
I went through the steps setting up SSL for the project on production site on my Windows Server (I was able to access https://www.mywebsitedomain.com)
I created a folder called ROOT and put the OFBiz folder(same folder on my localhost) in the ROOT folder
I also have set up an SSL Certificate, then added the following to server.xml under Tomcat 9.
(Connector port="8443" maxThreads="150"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="C:\Program Files\Apache Software Foundation\Tomcat 9.0\webapps\apache-ofbiz-17.12.03\keystore.jks" keystorePass="Password"
clientAuth="false" sslProtocol="TLS")
(/Connector)
When running https://www.mywebsitedomain/webtools/control/entitymaint(same URL except for localhost), I got the message.
"404 - File or directory not found.
The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable."
Edit: Add some additional information
I found the following information on the OFBiz Production SetUP page:
"Configure the ofbiz-containers.xml file to point to your new keystore and password:
If using Tomcat (Catalina), which is the default, find the "catalina-container" -> "https-connector" -> "keystoreFile" and "keystorePass" properties and set them."
I go to apache-ofbiz-17.12.03\framework\base\config\ofbiz-containers.xml
All the entries I have are below. I don't know where I can add "keystoreFile" and "keystorePass" properties
<ofbiz-containers xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/ofbiz-containers.xsd">
<!-- load the ofbiz component container (always first) -->
<container name="component-container" loaders="main,rmi,load-data,test" class="org.apache.ofbiz.base.container.ComponentContainer"/>
Thanks in advance.
Jessie
As you found, OFBiz uses an embedded Tomcat (9.0.31). So server.xml is of no help. This wiki page needed update, done. The file you are looking for is framework\catalina\ofbiz-component.xml.
But I'm not sure you are going the right way doing this. Most of the time, it's easier to use Apache HTTPD, even on Windows. You may refer to https://s.apache.org/vmemj. Also for certificates Let's encrypt is what we use for our demos. It's free and, apart the renewal every 3 months, it's great. With their cerbot that's even not a big deal.
By and large, you should better ask questions in the OFBiz user Mailing List.You need to subscribe, please see https://ofbiz.apache.org/mailing-lists.html
HTH
In point 4 you speak about the following, but I see nothing, do I miss something?
You could also ditch OFBiz and migrate to the awesome Scipio ERP (based on the same foundation): www.scipioerp.com
We have a documentation on exactly your question right here: https://www.scipioerp.com/community/developer/installation-configuration/clustering/webserver-configuration/
I was just hired to maintain and redesign various site the company has running on an old version of DNN. The site has been hacked and someone uploaded some directories and web.config files that were redirecting users to stream suspicious streaming sites. Also, the attacker added some scripts that show Google Ads on all the blog articles. Needless to say its a mess.
Nevertheless, I was able to go in there, deleted a super admin account (that's how they got in I think) , delete a few directories that had over a thousand html files for streaming sites and also deleted the old FCK Editor.
I am completely new to DNN and need some help with the directory and structure to try and see if I can resolve this. So far, I cannot get rid of the Google Ads in the blog and for the life of me I cannot find where the blog articles live inside the root/directory. When I go in there and delete the ads through the DNN UI the ads come back in hours or a couple of days. The directories with the html files have not returned. Just the ads.
I know that we have to upgrade but if I remove the ads I will have more to to develop the new sites without feeling rushed because of the current issue.
If anyone can point me in the right direction I would really appreciate it.
That sounds awful, as obviously someone (ore something) still manipulates your site from the outside (or inside?). There are a lot of issues on old DNN Versions, and the only thing I can really recommend is to find an upgrade path to the newest version. I don't know how big your site is, maybe it is easier to set it up from scratch with a new version (if the site is not too big).
The directory structure does not help you finding any content as everything is stored in a database. To be more specific I would need more information about the DNN version and the extensions (and versions of the extensions) in use, but disclosing this here in the public could be a security risk for you. You could write me a PM here if you wish to get in contact.
To find people (maybe in your area) who can help you could give these web sites a try: https://dnncommunity.org (Resources > Forums) and https://dodnn.work/.
It sounds like your site might have been impacted by a few different exploits, and most likely I would guess it is version 7.x or earlier and been upgraded from versions prior to that.
For the immediate need you are going to need to try and identify anything and everything that is out of the norm, this can be very daunting for those that are not familiar with the platform, but a few tips.
Look in the DB for data in the Header or Footer field of the TabModules table
Look for any rogue files that really should not be there, anything with an extension of (.php, .asp, etc.)
Look for rogue files in directories outside of the /Portals/* folder that don't match a DNN Install. (This takes a bit of personal experience.)
Look at your default.aspx file it should NOT have a recent modified date. If it does, compare it against the one that you get when you download the install package of that version of DNN
Now, once you have done this, be sure to do any mitigations that you can for known exploits. Including:
Delete /Install/Install.aspx
Delete /Install/InstallWizard.aspx
Disable any host account with a username of 'host' and create a new one if that was your only one
Feel free to email me directly as well if you need some help.
So straight to the point- Im trying to clean my host entirely (databases too) and after I delete the last 2 files wp-content and wp-includes (700MB of files) they get restored instantly. This may be a simple question but for me it s very odd and I don`t get it. Besides file-manager i used Filezilla too and the same thing happens(my hosting company as it su#%$ failed to give me a reply after 48h).
I have recorded a short video of my problem to help you better understand my issue.
https://www.youtube.com/watch?v=wqL35R0-vvw&feature=youtu.be
Hope you`ll be able to help me. Thank You !
I`m working on this website for an NGO after it was hacked and for now I want to wipe every single file from the server and rebuild it but those files which have inside infected pages(php scripts) wont get deleted
Chances are very good some of those files are owned by the webserver, especially if you were compromised via a WordPress vulnerability. As they're owned by the webserver and not your user, you're unable to delete them.
If you have root/sudo access, you can use that on the command-line to remove them. If you don't, you'll need your host to help.
i am trying to figure this out for a long time now, but so far no luck, maybe somebody can help me.
I have a 2.2.2 cakephp installed on my computer (localhost) and everything works perfectly. But now i want that same project to be online on remote server. I upload everything, set mysql path but i get a blank page when trying to access the site.
If i upload a fresh cakephp it works, but my project doesnt. The debug is set to default, think that should be 2? I also deleted files in cache/tmp, but still no errors or anything, just blank page.
Any info would be helpful, thank you.
I hate when that happens :). Usually it does if there is an error somewhere and you can't see it because the errors are turned off, so you should call phpinfo() and see if display_errors is on. Changing the debug mode doesn't work every time since display_errors is set from php.ini.
Unfortunately, if this is the problem and you don't have access to edit the php.ini file, you might need to ask the hosting provider to change it and restart the php service.
You can also try this: error_reporting(E_ALL)
I uploaded changes to my cakephp website and discovered that all actions for a particular controller returned a blank page. I discovered what the error was and was able to reproduce it with another controller.
The problem was that in the first line of my controller file I had a space before the opening php tag.
One space cost me hours.
Just uploading all files won't cut it. Make sure you work through this checklist:
First and foremost, check the error log file located under app/tmp/logs/error.log, this usually holds some very good pointers as to what is wrong.
Make sure you have uploaded the app/Config/database.php file with the proper details. Local installs usually have user root without password. Online servers (obviously) do not!
To that extent, also make sure you actually have a database with your hosting provider (either your host sent you the info or you need to create it yourself using their control panel).
Make sure you also uploaded all .htaccess files (the one under the root directory and /app and /app/webroot), some FTP programs don't show this "hidden" file by default.
If all else fails, contact your hosting provider for further support as they usually have access to more verbose server logs that can also hold clues.
The real problem was only the coding I used in notepad++. All my files were encoded with UTF-8, but they should have been UTF-8 without BOM. After I changed it to UTF-8 withot BOM, everything started to work perfectly.
We have had multiple DNN sites running for quite a few months now without any issues. Twice in the last 3 days our sites have gone offline by the addition of the app_offline.htm file in the root dir.
There is only one developer with access to the sites at a coding / directory viewing level and the file is generated at weird times times when he is NOT accessing our network.
We are not publishing anything to the server ( and have not published any .net code in days ), upgrading, changing code, or even modifying content. Has anyone run into this issue?
It sounds like someone is messing with your server. Can you view the event logs to see who is accessing your server? Do you have the ability to change the passwords on the box?
Mark