yvrdarb

Fatal error: Uncaught Error: Call to undefined function putenv() in /www/wwwroot/serXXXXXon.XXX/wp-content/plugins/woocommerce/includes/class-wc-regenerate-images-request.php:37 Stack trace: #0 /www/wwwroot/serXXXXXon.XXX/wp-content/plugins/woocommerce/includes/class-wc-regenerate-images.php(49): WC_Regenerate_Images_Request->__construct() #1 /www/wwwroot/serXXXXXon.XXX/wp-includes/class-wp-hook.php(308): WC_Regenerate_Images::init() #2 /www/wwwroot/serXXXXXon.XXX/wp-includes/class-wp-hook.php(332): WP_Hook->apply_filters() #3 /www/wwwroot/serXXXXXon.XXX/wp-includes/plugin.php(517): WP_Hook->do_action() #4 /www/wwwroot/serXXXXXon.XXX/wp-settings.php(617): do_action() #5 /www/wwwroot/serXXXXXon.XXX/wp-config.php(106): require_once('...') #6 /www/wwwroot/serXXXXXon.XXX/wp-load.php(50): require_once('...') #7 /www/wwwroot/serXXXXXon.XXX/wp-admin/admin.php(34): require_once('...') #8 /www/wwwroot/serXXXXXon.XXX/wp-admin/plugins.php(10): require_once('...') #9 {main} thrown in /www/wwwroot/serXXXXXon.XXX/wp-content/plugins/woocommerce/includes/class-wc-regenerate-images-request.php on line 37

https://ibb.co/R0HKWGR

No, you aren’t understanding.

It doesn’t install, all that I get is the WSD.

No WooCommerce, no logs.

Thanks.

I am already blocking geoIPs with CSF but it is far from perfect; largely I am specific to the NA region and am only allowing the applicable QC IP addresses. But on another VPS I am targeting the UK, but when I selected the EU region and allowed only the specific UK QC IP addys I had almost a gig sucked in a short period from Germany.

Obviously bots/scrapers/hostiles are a large part of internet traffic these days some sort of defense is needed.

• This reply was modified 3 years, 4 months ago by yvrdarb.

also running file guard/check hourly which would be my first suspicion as to the source of the events. I have since tuned the exclusions and don’t think that file revisions are triggering events any more.

so that is no?

> Does the core WP handle Redis / Memcached

Return ‘ALLOW’; // whitelist isn’t a unconditional all whitelist?

I am trying to allow MainWP through (on another server) and NF seems to like block it.

24/Feb/20 11:59:27  #5926404  MEDIUM       -  199.16.XXX.XXX    POST /wordpress/wp-admin/admin-ajax.php - Blocked access to admin-ajax.php - [bot detection is enabled] - XXXXXXX.com
25/Feb/20 11:59:21  #8795847  MEDIUM       -  199.16.XXX.XXX    POST /wordpress/wp-admin/admin-ajax.php - Blocked access to admin-ajax.php - [bot detection is enabled] - XXXXXXX.com
25/Feb/20 11:59:24  #6067405  MEDIUM       -  199.16.XXX.XXX    POST /wordpress/wp-admin/admin-ajax.php - Blocked access to admin-ajax.php - [bot detection is enabled] - XXXXXXX.com

Any suggestions?

Thanks.

It may make a good addition to the .htninja documentation page on the website.

Cheers.

disregard, I just realized that it was a message from my WAF …

Thanks, no I have no limits on number of ini files.

I just though that it may be an easy way to minimize resources (mostly myself) across several domains.

Thanks for the reply.

Yes, I actually figured it out afterwards.

I was expecting a config menu in WP because of point #6 in the install directions:

After you’ve activated the plugin, you’ll be able to modify the CIDRAM configuration file directly from your plugins dashboard.

So with that menu missing, I wasn’t sure if I had a good install or not and was concerned about site security because I had already stripped away a couple of layers of defence.

Ditto on the .httacess question, I wasn’t sure where or how it hooked and didn’t see anything readily.

But yes, it wasn’t long until my log file started to grow and I was comfortable going to bed ….

CIDRAM has to be the greatest hidden gem in the PHP security arena. I just happened to stumble across mention of it somewhere a week or so ago and have since put it up in front a couple of PHP scripts that were only protected by a free WAF. I used to believe that it was just a matter of time until they got compromised; with CIDR and a WAF I believe that they are pretty safe now.

A couple of suggestions for improvements for consideration:

– integration with Project Honeypot would add another proven layer of hostile filtering.
– more country specific geo-filtering options (ie Germany and/or Hetzner).
– better tor exit blocking because those are the ones that will eventually get you.

But a wonderful project none the less, thanks for your time and effort on the project.

Brad

• This reply was modified 5 years, 2 months ago by yvrdarb.

the actual password does not contain the backslash just the single quote, the backslash is being generated somewhere. probably just going to nuke the install and start over.

It shows the first 10 of 22 random characters; it reads; “….u\” whereas the password is “……u’m……”

The problem seems to replicate itself; I have uninstalled and reinstalled several times to the dame affect.

Thanks, not a priority; wasn’t expecting weekend help.

Version: 1.6
Found /home/bcXXXXew/domains/caXXXXXx.ca/public_html/wordpress/wp-config.php.
Opening it for reading.
Looking for DB_NAME, DB_USER, DB_PASSWORD, DB_HOST and $table_prefix:

    DB_NAME: found 'bcXXXXw_wx'
    DB_USER: found 'bcXXXXw_xw'
    DB_PASSWORD: found (click here to view password)
    DB_HOST: found 'localhost'
    table_prefix: found 'et_'

Attempting to connect to the DB:
Warning: mysqli::real_connect(): (28000/1045): Access denied for user 'bcXXXw_xw'@'localhost' (using password: YES) in /home/bcXXXw/domains/caXXXXx.ca/public_html/wordpress/wp-db.php on line 92
Connection Error: Access denied for user 'bcXXXXw_xw'@'localhost' (using password: YES)

Exiting.

I am not getting an error anywhere else; one of the chars in my password maybe?

Basically I have 250 domains that are all parked on one domain with user migration across multiple domains in a visit and manually managing SSLs is pointless to even try. Looking for errorless movement from domain to domain.

Thanks for the tips.