From: Joyce D. <joy...@co...> - 2012-10-27 02:09:26
|
I'm using 6.2 (I tried upgrading and broke the site, but I put it back and it was running well). I only use the wiki, users, and file gallery with wysiwyg. I renamed a page on the home page and thought I could also move it to its new place in the list alphabetically. I clicked the "edit template" tab which is how I thought I could rename the page, but I set it back after I realized that it didn't help & I didn't want to give permissions to edit templates. After I tried to save the home page I got an error message. I can see the home page and edit files linked on the home page, but I can't edit the home page itself. I get: Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, webmaster@[omitted for privacy] and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. I'm the administrator. All permissions on the server are set to 755 and a couple are set to 777. I can still change permissions in the tiki and I have all the proper admin permissions from the inside. So I thought maybe I did edit the template that created the error, so I reset it to edit template and again I got an error: http://[omitted for privacy]/tiki-edit_templates.php Fatal error: Allowed memory size of 67108864 bytes exhausted (tried to allocate 277 bytes) in /home2/dmuuccom/public_html/members/lib/init/initlib.php on line 187 We absolutely need to edit the home page, so this needs to be fixed asap. Any suggestions would be appreciated. I've searched and searched and haven't found my answer. Thanks! - Joyce |
From: Frank G. <fg-...@da...> - 2012-10-27 02:33:31
|
Hello. On Fri, Oct 26, 2012 at 10:09:17PM -0400, Joyce Dowling wrote: > > Fatal error: Allowed memory size of 67108864 bytes exhausted (tried to > allocate 277 bytes) in > /home2/dmuuccom/public_html/members/lib/init/initlib.php on line 187 Do you have got access to /var/log/apache and error logfiles? Without deeper debugging it's difficult to make good assumptions, but maybe it's a problem with memory_limit in php.ini and you may try to decrease it (sounds odd, I know) to 32M. If this does not work, try to increase it to 128M or 256M - maybe this will help. regards Frank |
From: Joyce D. <joy...@co...> - 2012-10-27 03:33:39
|
Thanks for your reply. No I don't have access to that (or maybe I do if I used Linux, but I don't). From cPanel, I have error logs up to the last 300 which are all from today. The first one is: File does not exist: /&quot;pics, referer: tiki-index.php (this is repeated many times) I have no idea what that file is and why it would be called. Here are others going up starting from the earliest time I have available (I kept creating errors, because I was trying to fix it) 404.shtml also does not exist, "referer: tiki-index.php" (this is repeated many times) File does not exist: favicon.ico - that's always been the case since I never created one. File does not exist: 403.shtml, referer: tiki-editpage.php?page=HomePage (this is repeated many times) SoftException in Application tiki-editpage.php is writeable by group, referer: tiki-index.php (I set it to be writeable because I thought it would help. I've set it back to 755 now) File does not exist: 500.shtml referer: tiki-index.php (this showed up with the previous repeatedly) Now instead of an Internal Server Error, I can see the editor for the Home Page, but when I edit & try to save, I get: Forbidden You don't have permission to access /members/tiki-editpage.php on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. On Oct 26, 2012, at 10:33 PM, Frank Guthausen wrote: > Hello. > > On Fri, Oct 26, 2012 at 10:09:17PM -0400, Joyce Dowling wrote: >> >> Fatal error: Allowed memory size of 67108864 bytes exhausted (tried to >> allocate 277 bytes) in >> /home2/dmuuccom/public_html/members/lib/init/initlib.php on line 187 > > Do you have got access to /var/log/apache and error logfiles? > > Without deeper debugging it's difficult to make good assumptions, but > maybe it's a problem with memory_limit in php.ini and you may try to > decrease it (sounds odd, I know) to 32M. If this does not work, try to > increase it to 128M or 256M - maybe this will help. > > regards > Frank > > ------------------------------------------------------------------------------ > WINDOWS 8 is here. > Millions of people. Your app in 30 days. > Visit The Windows 8 Center at Sourceforge for all your go to resources. > http://windows8center.sourceforge.net/ > join-generation-app-and-make-money-coding-fast/ > _______________________________________________ > TikiWiki-users mailing list > Tik...@li... > https://lists.sourceforge.net/lists/listinfo/tikiwiki-users |
From: Joyce D. <joy...@co...> - 2012-10-27 03:37:38
|
Also, I can't find php.ini in my cpanel even with invisible files turned on and going as far back to the root as I can. I looked visibly and used the search function. On Oct 26, 2012, at 10:33 PM, Frank Guthausen wrote: > Hello. > > On Fri, Oct 26, 2012 at 10:09:17PM -0400, Joyce Dowling wrote: >> >> Fatal error: Allowed memory size of 67108864 bytes exhausted (tried to >> allocate 277 bytes) in >> /home2/dmuuccom/public_html/members/lib/init/initlib.php on line 187 > > Do you have got access to /var/log/apache and error logfiles? > > Without deeper debugging it's difficult to make good assumptions, but > maybe it's a problem with memory_limit in php.ini and you may try to > decrease it (sounds odd, I know) to 32M. If this does not work, try to > increase it to 128M or 256M - maybe this will help. > > regards > Frank > > ------------------------------------------------------------------------------ > WINDOWS 8 is here. > Millions of people. Your app in 30 days. > Visit The Windows 8 Center at Sourceforge for all your go to resources. > http://windows8center.sourceforge.net/ > join-generation-app-and-make-money-coding-fast/ > _______________________________________________ > TikiWiki-users mailing list > Tik...@li... > https://lists.sourceforge.net/lists/listinfo/tikiwiki-users |
From: Frank G. <fg-...@da...> - 2012-10-27 03:54:13
|
On Fri, Oct 26, 2012 at 11:37:24PM -0400, Joyce Dowling wrote: > Also, I can't find php.ini in my cpanel even with invisible files > turned on and going as far back to the root as I can. I looked visibly > and used the search function. You need access to /etc/php5 or something similar. If you are not the server administrator, this may not be possible. But maybe the memory limit is not the problem. regards Frank |
From: Frank G. <fg-...@da...> - 2012-10-27 03:51:51
|
Hello. On Fri, Oct 26, 2012 at 11:33:26PM -0400, Joyce Dowling wrote: > Thanks for your reply. No I don't have access to that (or maybe I do > if I used Linux, but I don't). From cPanel, I have error logs up to > the last 300 which are all from today. The first one is: Ok, this is another method to get some useful information. I omit the stuff which seems not important. > SoftException in Application tiki-editpage.php is writeable by group, > referer: tiki-index.php (I set it to be writeable because I thought it > would help. I've set it back to 755 now) Do you use SuPHP or something similar at the webserver for protection and security reasons? > Now instead of an Internal Server Error, I can see the editor for > the Home Page, but when I edit & try to save, I get: Forbidden This is important, because you changed something and the problem is different now. Beforehand permissions lead to an internal server error because they were not restrictive enough, now they are too restrictive. Seems you have got read access/permission but no write access/permission. > You don't have permission to access /members/tiki-editpage.php on this > server. This seems to be a read permission problem. Please see my new Tiki permission check suite (standalone download is available below at this documentation website) https://doc.tiki.org/Permission+Check and install it. It will not change existing Tiki files, it will add a shell script in Apache document root and a subdirectory. Please set permissions of subdirectories of permissioncheck/ correctly. Then check which sites are visible with the permissions and which are not. The permission models run from paranoia to insane. regards Frank |
From: Joyce D. <joy...@co...> - 2012-10-27 04:02:49
|
On Oct 26, 2012, at 11:51 PM, Frank Guthausen wrote: > Do you use SuPHP or something similar at the webserver for protection > and security reasons? I don't know what SuPHP is, so I guess the answer is "no". The site is insecure and I know it, but it's using a robot noindex with no links to it. Does that make my whole server at risk? I'm doing this as a volunteer for a non-profit. > Please see my new Tiki permission check suite (standalone > download is available below at this documentation website) > https://doc.tiki.org/Permission+Check I'll try this. > You need access to /etc/php5 or something similar I have an etc folder outside the web root, but there's nothing that looks like php anything in there - just passwd, quota, & shadow. Thanks! - Joyce |
From: Frank G. <fg-...@da...> - 2012-10-27 04:16:04
|
On Sat, Oct 27, 2012 at 12:02:36AM -0400, Joyce Dowling wrote: > On Oct 26, 2012, at 11:51 PM, Frank Guthausen wrote: > > Do you use SuPHP or something similar at the webserver for protection > > and security reasons? > > I don't know what SuPHP is, so I guess the answer is "no". SuPHP is a security extension for running several customers' websites on one webserver. It protects customers from/against each other. This is the basic idea on a non-technically level. > The site is insecure and I know it, but it's using a robot noindex > with no links to it. Does that make my whole server at risk? I'm doing > this as a volunteer for a non-profit. The robots.txt or robots meta tag stuff is related to search engines. This is a complete different issue. You may think about that another day, this is not your main problem right now. > > You need access to /etc/php5 or something similar > > I have an etc folder outside the web root, but there's nothing that > looks like php anything in there - just passwd, quota, & shadow. Is this a dedicated server (I guess not), a managed server or just webspace at some hosting service? This is important to find out the appropriate permission model. A lot of trouble just disappears once the permissions are set correctly. The core details of this are due to improvements actually as you can see by date of documentaion and software. regards Frank |
From: Joyce D. <joy...@co...> - 2012-10-27 05:05:35
|
On Oct 26, 2012, at 11:51 PM, Frank Guthausen wrote: > Please see my new Tiki permission check suite Is there supposed to be a program there I can download, because I can't find it. Also, I don't believe I have Shell access and I'm not used to using FTP in the traditional sense (I use Dreamweaver). What is a lay user like me supposed to do? > Is this a dedicated server (I guess not), a managed server or just webspace at some hosting service? Web space at a hosting service. I can check with the host, but I have a feeling I won't get much help there. I've been meaning to move, but we've got a lot to move. If I've got problems now, I think moving will cause more. Can I do a manual permissions check? It might be easier than figuring out your program. Everything seems to be set to 755, except the directories: dump, temp, templates_c, modules/cache are set to 777. Everything inside these directories are 755: backups, css, db, doc, dump, files, games, images, img, import, installer, lang, lib, maps, mods, modules, pics, styles, temp, templates, tiki_tests, tikimovies, whelp Except these are set to 644: 4 js files in temp/public, everything in temp/cache except index.php, and everything inside template_c Most of these files are dated last month, which I think is when the server made some changes. The same day I got a "Notice of Server Migration" so maybe I could get my server to change the permissions if that's why they got changed. Only a few of them are dated today (well, yesterday now) or a couple are on another date since last month. The files that are dated today are: all the files in template_c, temp/cache & temp/public (& all the files in them except htaccess & index.php). The only file in the main directory that has changed since the server migration is error_log (4 today as reported). Should I approach the host about this? Should I give any resource or explanation or just tell them that my files were all changed to 755 when he migrated them? Should I mention that I don't have the resources to change them back and it makes the site insecure? Thanks for all your help! - Joyce |
From: Frank G. <fg-...@da...> - 2012-10-27 15:54:50
|
On Sat, Oct 27, 2012 at 01:05:21AM -0400, Joyce Dowling wrote: > On Oct 26, 2012, at 11:51 PM, Frank Guthausen wrote: > > Please see my new Tiki permission check suite > > Is there supposed to be a program there I can download, because I > can't find it. Also, I don't believe I have Shell access and I'm not > used to using FTP in the traditional sense (I use Dreamweaver). What > is a lay user like me supposed to do? Down (almost at the end) at https://doc.tiki.org/Permission+Check there is a section "List of attached files" and the .zip permissioncheck-20121025-1930-standalone.zip linked as https://doc.tiki.org/tiki-download_wiki_attachment.php?attId=64&page=Permission%20Check&download=y Unzip this either in Tiki's document root on webserver (if possible) or on your client machine and upload it. You do not need the shell script prepare_permissioncheck.sh but you need to upload the directory permissioncheck/ with all its content and subdirs. Maybe you can run sh prepare_permissioncheck.sh enable on Apple clients (not tested yet). Then you go to your website http://example.com/permissioncheck/ It tells you: disabled. You need to copy yes.bin to the grant file and upload it, and you need to correct some permissions with chmod. The settings to prepare this test is described on the documentation page above. Maybe this step is not necessary if you set file permissions before uploading files. Once this is done you see either all left side permissions at http://example.com/permissioncheck/ in green or some are read, but you do not have access (the right side permission number shows 999 in that case). Then you can try to view all check.php in different subdirectories, http://example.com/permissioncheck/paranoia/check.php http://example.com/permissioncheck/paranoia-suphp/check.php and so forth. > Web space at a hosting service. I can check with the host, but I have > a feeling I won't get much help there. I've been meaning to move, but > we've got a lot to move. If I've got problems now, I think moving will > cause more. Web hosters often use SuPHP and this means, to many writing permissions will cause problems. > Can I do a manual permissions check? It might be easier than figuring > out your program. Everything seems to be set to 755, except the > directories: dump, temp, templates_c, modules/cache are set to 777. 777 may be insecure, but this does not explain the problem yet. What are the permissions of your /members/tiki-editpage.php to get access forbidden and what were the permissions to get the internal server error? > Everything inside these directories are 755: Should work. > Except these are set to 644: 4 js files in temp/public, everything in > temp/cache except index.php, and everything inside template_c Maybe we find the problem here. The webserver may need some writing permission, but settings will be different for SuPHP systems. Is the owner or the group of your files different from your user, i.e. is there something like user:httpd or user:www-data ownership? This is not very likely, but possible. > Should I approach the host about this? Should I give any resource or > explanation or just tell them that my files were all changed to 755 > when he migrated them? Should I mention that I don't have the > resources to change them back and it makes the site insecure? Once you've found the correct permission settings you can start to change them to the best security level. regards Frank |
From: Joyce D. <joy...@co...> - 2012-10-27 18:03:48
|
On Oct 27, 2012, at 11:54 AM, Frank Guthausen wrote: > What are the permissions of your /members/tiki-editpage.php to get > access forbidden and what were the permissions to get the internal > server error? It was 755, then I changed it to 777 and then back to 755. Since the permission is the same as it was before the problem, it makes me thing that's not the problem. > Is the owner or the group of your files different from your user, i.e. is > there something like user:httpd or user:www-data ownership? This is > not very likely, but possible. No, I don't think so. Where would I check that? Thanks! - Joyce |
From: Frank G. <fg-...@da...> - 2012-10-27 18:33:49
|
On Sat, Oct 27, 2012 at 02:03:35PM -0400, Joyce Dowling wrote: > On Oct 27, 2012, at 11:54 AM, Frank Guthausen wrote: > > What are the permissions of your /members/tiki-editpage.php to get > > access forbidden and what were the permissions to get the internal > > server error? > > It was 755, then I changed it to 777 and then back to 755. Since the > permission is the same as it was before the problem, it makes me thing > that's not the problem. Is it still possible to produce both errors by switching permissions? > > something like user:httpd or user:www-data ownership? > > No, I don't think so. Where would I check that? Usually with FTP command ls regards Frank |
From: Joyce D. <joy...@co...> - 2012-10-28 05:27:14
|
On Oct 27, 2012, at 2:33 PM, Frank Guthausen wrote: > Is it still possible to produce both errors by switching permissions? I'm not sure what you mean by this. i had the Internal server error when tiki-editpage was 777 and I had the Forbidden error when it's 755. The hosting server answered a support request and said that the permissions would have transferred over exactly as they were and he thinks that they should be set to 755. I explained my problem when he asked & hopefully he'll help me fix it. Also that memory error I get with the template editor. |
From: Frank G. <fg-...@da...> - 2012-10-28 16:08:18
|
On Sun, Oct 28, 2012 at 01:26:59AM -0400, Joyce Dowling wrote: > On Oct 27, 2012, at 2:33 PM, Frank Guthausen wrote: > > Is it still possible to produce both errors by switching permissions? > > I'm not sure what you mean by this. i had the Internal server error > when tiki-editpage was 777 and I had the Forbidden error when it's > 755. This is a hint which makes usage of SuPHP or another webserver security extension likely. Meanwhile I'm convinced this is not the problem. > The hosting server answered a support request and said that the > permissions would have transferred over exactly as they were and he > thinks that they should be set to 755. I explained my problem when he > asked & hopefully he'll help me fix it. Also that memory error I get > with the template editor. This latter problem is maybe a webserver configuration problem. If so, you cannot fix it from inside Tiki. The former problem may be solved by Tiki admin methods. Can you reproduce the error on http://demo.tiki.org/ as showcase? Or at least redo all steps that we can get a hint where the difference is? regards Frank |
From: Frank G. <fg-...@da...> - 2012-10-28 15:54:15
|
Hello. On Fri, Oct 26, 2012 at 11:33:26PM -0400, Joyce Dowling wrote: > > File does not exist: /&quot;pics, referer: tiki-index.php (this is > repeated many times) This may refer to some broken HTML code. The double quote symbol " is encoded as " in HTML and the ampersand & is encoded as & (yes, with an ampersand at the beginning). Maybe somewhere there was "pics which was translated to "pics which was translated to &quot;pics for some reason. Don't worry about this for the moment. > I have no idea what that file is and why it would be called. Here are > others going up starting from the earliest time I have available (I > kept creating errors, because I was trying to fix it) > > 404.shtml also does not exist, "referer: tiki-index.php" (this is > repeated many times) No customized 404 file Don't worry about this for the moment. > File does not exist: favicon.ico - that's always been the case since I > never created one. > > File does not exist: 403.shtml, referer: > tiki-editpage.php?page=HomePage (this is repeated many times) No customized 403 file, but you trigger a 403 by editing HomePage. Don't worry about this for the moment. > SoftException in Application tiki-editpage.php is writeable by group, > referer: tiki-index.php (I set it to be writeable because I thought it > would help. I've set it back to 755 now) This may indicate SuPHP or something similar on the webserver. Don't worry about this for the moment. > File does not exist: 500.shtml referer: tiki-index.php (this showed up > with the previous repeatedly) No customized 500 file. Don't worry about this for the moment. > Now instead of an Internal Server Error, I can see the editor for the > Home Page, but when I edit & try to save, I get: Forbidden This may be caused because you don't have got a HomePage anymore. This could have happended by renaming. But it's an unlikely situation. Or the HomePage was protected from editing by some Tiki setting? Did you ever lock it? This is worth a deeper look. > You don't have permission to access /members/tiki-editpage.php on this > server. This puzzles me - I cannot figure out whether this is a problem with Tiki or with the webserver. This is worth a deeper look. > Additionally, a 404 Not Found error was encountered while trying to > use an ErrorDocument to handle the request. No customized error documents. Don't worry about this for the moment. Another common source for unusual behaviour is Tiki's internal cache. Did you clean it after the error occured? Does the error occur after you clean it? regards Frank |
From: Joyce D. <joy...@co...> - 2012-10-29 20:41:44
|
On Oct 28, 2012, at 11:54 AM, Frank Guthausen wrote: > This may refer to some broken HTML code. The double quote symbol " is > encoded as " in HTML and the ampersand & is encoded as & This is an ongoing problem as any ampersand will duplicate itself. I just try to refrain from using them, but html characters have ampersands in them, too, so sometimes they break also. The server fixed my problem with not being able to edit the home page. He said, "You were triggering a mod_security rule when you were trying to edit your page. I went ahead and disabled the rule". He added memory a couple of times trying to help with the template edit page's error, but to no avail. It must be something in the script. > Another common source for unusual behaviour is Tiki's internal cache. Did you clean it after the error occured? Does the error occur after you clean it? Yes, it didn't help. > Can you reproduce the error on http://demo.tiki.org/ as showcase? Or at > least redo all steps that we can get a hint where the difference is? That sounds very time-consuming with no promise of working. The problem appears only to be on the template edit page and I don't think we'll need to edit the template so we'll just make due for now. Thanks for your continued support. - Joyce |