Interrupt in Build Package – no timeout

Hey Henk,

Yeah if it fails immediately then its not a timeout issue. In your case it looks like a WordPress Roles Privileges issue. Are you setup as a WordPress Administrator on that site?

Thanks~

Hi Cory,
\
Thank you for your quick reaction. Yes, the account I use is the admin account (although it is not called “admin”). I use it also to install theme updates and plugins, for example.

Yeah that is quite strange… Have you tried to log in/out to see if it resets any of your cookies. Maybe try and clear the browser history… I don’t think I have seen this one before, not 100% sure where to look.

Hi Guys

After a quick google, I ended up here – the only hit – I am seeing this error for the first time too (although only an occasional Duplicator user).

Server Status: 200 -OK
Error Message:
The page you are trying to access is restricted due to a security rule.

If you believe the security rule is affecting the normal operation of your website, contact your host support team and provide detailed instructions how to recreate this error.
They will be able to assist you with rectifying the problem and adjusting the security configuration if needed.

And I am wondering if it might be caused by a recent security plugin update – maybe Sucuri, or Wordfence, or Bullet Proof Security ? (I am using all these on my site, and they have frequent updates).

Henk – I wonder if you are using one or more of these security plugins too ?

I’m getting this too. Feels to me like something has changed recently, perhaps in Core(?) which has affected the plugin?

Hi Cory (and other people),

I tried all kinds of things; definitely also clearing the browser history and logging in again.

Below is my most recent test. This is becoming weirder and weirder…

The site I have this problem with, is on SiteGround (shared hosting, lowest price category). I happen to have another, completely separate account at the same ISP, which I am not using seriously. On that other account I did the following:

– Verified in cPanel that SuperCacher and Cloudflare are disabled
– Created a brand new, not earlier used subdomain
– Created a new MySQL database
– Downloaded the WordPress 4.1 installer from the WordPress site (my last successful Duplicator run, a little more than a week ago, was on WP 4.1)
– Created and configured wp-config (database settings, keys & salts, added a line “define( ‘WP_AUTO_UPDATE_CORE’, false );” so that the installation would not immediately auto-upgrade to WP 4.1.1)
– Copied the files to the new subdomain folder
– Ran the installer job, selecting the language (NL) and setting up the admin login
– Verified that the site (only containing the single, standard post with its single comment) is indeed working
– Installed Duplicator
– Ran Duplicator – SAME PROBLEM!

So: test with a brand new site, no security or caching, no other plugins that could be in the way.

I am starting to wonder if SiteGround did something last week to cause Duplicator not to work anymore… I have asked their advice as well.

Anybody any ideas?!

Great work, Henk ! ??

So that rules out any security plugins, and interesting that I am also on a cheap Siteground hosting package (coincidence ?) In fact, I was only wanting to use Duplicator for a quick site snapshot backup, as I’ve been getting so many server time-outs recently with my usual WP backups.

Hello everybody,

Problem solved ??

I sent a message describing my last test to SiteGround Support at around the same time I sent message #7 above.

First reply, after a few minutes:

There are no changes with our security settings for our shared servers.

… but they would look into it further, using the admin login I gave them.

Half an hour later a support guy sent me the below message with a solution:

I have checked and noticed that the issue was caused by a security rule of one of our modules.

I have added the following to the .htaccess file in your home folder to deactivate the problematic rule for your entire account:

<IfModule mod_security.c>
SecFilterRemove 001838
</IfModule>

I have then performed another test and the issue was resolved.

I checked as well, also on the “real” website; The Duplicator Build process is working again.

By the way, wonderful service, if you ask me. I only have the lowest price shared hosting account without any additional support options.

Nice one, Henk – thanks for the update.

I do wonder though if this is introducing a (slight) vulnerability ? (And also a bit of a nuisance, having to do apply this workaround to many sites).

Hi Henk,

Thanks for your info. However, I’ve put the exact code in .htaccess file but still experiencing the same problem you had ??

Any other suggestion that you could give me?

thanks and in advance.

marwazihs – are you also on Siteground ?

@photomaldives – No, i host it in digitalOcean.com.

My other installations in the same machine had no issue. The issue happen in a new site that im working on using WP 4.1.1 and latest Duplicator plugin installed.

@photomaldives:

Yes, I also wondered if disabling rule 1838 in mod_security would create any security risks. However, I decided that I would take the risk, assuming that the ISP’s support team knows what they are doing.

It would of course be best if Cory could take a look at his code, to see if it does anything (maybe setting permissions higher temporarily?) that could cause a mod_security firewall to protest.

@cory:

Does the above make sense to you? I tried to find out from SiteGround support what their rule 1838 is about but, understandably I suppose, they are somewhat evasive on that issue ??

@marwazihs:

I recommend doing what the error message recommends you to do (if you indeed get the same error message):

…contact your host support team and provide detailed instructions how to recreate this error.
They will be able to assist you with rectifying the problem and adjusting the security configuration if needed.

I wish I had done that myself, rather than spending hours trying to find if I had done something wrong.

There are some calls to chmod that the plugin tries to make on behalf of the environment. This might be what is causing the issue/alert to happen. I would have create an option to allow this to be turned on/off if that was the underlying issue…

@cory Thank you for your support. I really love this plugin and have been using it in the last 1.5 years without issue. Look forward for the solution ??