HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


Deployment/Configuration Issue?

Login / Search

 [ Join | More ]
 Add topic 
Posted
Rating:
#84811 (In Topic #17475)

Non-joined user

Hi all,

I'm brand new to ocPortal, and am pretty new to trying to set up and run a web site as well, so please forgive any ignorance.

Anyway, I installed ocPortal via Installatron to a shared server using hosting provided by InterActive online.  I was able to log in as the Admin and start making some changes and exploring the ocPortal software.  However, I decided to attempt to create a second account with less privileges so that I could test some of my changes.  I made it all the way through inputting my info but when I clicked Proceed I got this error message:

Not Acceptable
An appropriate representation of the requested resource /index.php could not be found on this server.  
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request."



I tried all the trouble-shooting ideas I could find on the site.  I found the Linux file permissions page and checked those (most of the directory permissions that needed 777 access were not set correctly).  I found suggestion to use the recommended .htaccess file, renamed my default and renamed the recommended.

I also checked the PHP settings info provided by my hosting provider and found this:

 Sub Section Directive Info Value
Language Options asp_tags Allow ASP-style <% %> tags. Off
File Uploads file_uploads Whether to allow HTTP file uploads. On
Paths and Directories include_path Windows: "\path1;\path2" c:\php\includes" .:/usr/lib/php:/usr/local/lib/php
Resource Limits max_execution_time   600
Resource Limits max_input_time   120
Resource Limits memory_limit   512M
Data Handling register_globals You should do your best to write your scripts so that they do not require register_globals to be on; Using form variables as globals can easily lead to possible security problems, if the code is not very well thought of. Off
Language Options safe_mode   Off
main session.save_path where N is an integer. Instead of storing all the session files in /path, what this will do is use subdirectories N-levels deep, and store the session data in those directories. This is useful if you or your OS have problems with lots of files in one directory, and is a more efficient layout for servers that handle lots of sessions. NOTE 1: PHP will not create this directory structure automatically. You can use the script in the ext/session dir for that purpose. NOTE 2: See the section on garbage collection below if you choose to use subdirectories for session storage /var/sessiontmp
File Uploads upload_max_filesize Maximum allowed size for uploaded files. 200M

I don't know if they are running ModSecurity, so I can't comment there.  I have updated permissions on the root Index.php to 755, and have Info.php at 600.

Does anyone have any suggestions?  ocPortal does seem to be close to exactly what I've been looking for, but it's not going to do me any good if I can't let anyone other than the Admin create an account.  :) 

EDIT: I just tried creating a user account as the Admin from the Users menu and go the same issue.

Thanks

Dave
Back to the top
 
Posted
Rating:
#84812
Avatar

modsecurity almost certain. Talk to web host.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#84813

Non-joined user

Thanks Chris,

On a follow-up, I scheduled a Cron job to run the cron_bridge.php file every 5 minutes.  And I'm getting this error:

www/bawiki.com/data/cron_bridge.php: line 1: ?php: No such file or directory
www/bawiki.com/data/cron_bridge.php: line 3: ocPortal: command not found
www/bawiki.com/data/cron_bridge.php: line 4: syntax error near unexpected token `c'
www/bawiki.com/data/cron_bridge.php: line 4: ` Copyright (c) ocProducts, 2004-2012'

I looked at the file and didn't see a closing "?>".  I tried adding that but am still getting the same error.  Is there an updated file?

Lastly, I noticed that ocPortal says I am running version 8, but I installed 7.1.6 from Installatron.  I have no idea if that's a cause of a potential issue or not.

Thanks

Dave

Back to the top
 
Posted
Rating:
#84814
Avatar

What it is is you need to put "php " in front of the command, to run it through PHP. Normally PHP script are not executable directly.

(Closing "?>" are not needed and not desirable. – so that's not an issue)

Lastly, I noticed that ocPortal says I am running version 8, but I installed 7.1.6 from Installatron.  I have no idea if that's a cause of a potential issue or not.

That's interesting. I didn't realise Installatron took the file off our own server, we've updated it but not updated on Installatron yet.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#84815
Avatar

Just to be clear, if it says it is version 8, it is. We give Installatron a package URL, which we update on new versions. I just always assumed they copy that off our server to their own when we update their systems, but it apparently comes off in real-time. So it is v8 even though Installatron doesn't know it.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#84817

Non-joined user

Thanks.  I'll play around with the PHP file and see if can figure what is going on there.

In the meantime, my hosting company managed to fix the error issue by white-listing rule 950801 in mod_security.  I don't see this one mentioned on your Mod_Security page, so you may want to add that as yet another possible change.
Back to the top
 
Posted
Rating:
#84831

Non-joined user

I'm getting another error message now when I try to try to save from the Site Options menu after making changes. The error is:

"Method Not Implemented

GET to /adminzone/index.php not supported.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request."

Any idea if this is another mod_security issue?  If so, can anyone let me know if there are multiple files that need to have exceptions added in mod_security (the original issue was with index.php in the main directory, this seems to be with a similar file in a different directory).

I suspect though that these issues are why I had never heard of ocP and had to spend time digging into a bunch of different packages.  Joomla installed and ran without issues (on a different site, same hosting provider) without issues.

I don't know if you have the power to provide a detailed set of issues or instructions to the Installatron folks (or Installatron hosting provider clients?) that might help others, but I figured I put up the idea if nothing else.  :)

Thanks again for the help. ocP looks very promising and I'm hoping to get an install fully up and running so I can bring in some friends of mine as trial users.

Dave
Back to the top
 
Posted
Rating:
#84845
Avatar

Community saint

If you have already experienced problem with mod_security and your are still having problems saving anything then it is highly probably that it is mod_security.

The Configuring mod_security - ocPortal.com docs are a bit out of date at the moment, so your best bet is to use the 4 sets of to whitelist referenced here:
View topic: Unable to save files using code_editor.php - ocPortal.com

Its best (I know its not absolutely ideal) that you you ask that all the rules be whitelisted against a domain and not a specific file. That's because its a nightmare to try and identify specific rules against specific files.

Also, as you identify new rules (such as 950801), can you please add them to the View topic: Unable to save files using code_editor.php - ocPortal.com thread along with a bit of background as to how they were triggered.

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#84861
Avatar

Guest said

Thanks.  I'll play around with the PHP file and see if can figure what is going on there.

In the meantime, my hosting company managed to fix the error issue by white-listing rule 950801 in mod_security.  I don't see this one mentioned on your Mod_Security page, so you may want to add that as yet another possible change.

I've just checked this rule out. It's a real arse of a rule ;).

# Uncomment this rule if your system uses UTF encoding.
#SecRule REQUEST_FILENAME|ARGS|ARGS_NAMES|REQUEST_HEADERS|XML:/*|!REQ
UEST_HEADERS:Referer "@validateUtf8Encoding" "deny,log,auditlog,status:400,msg:'UTF8 Encoding Abuse Attack Attempt',id:'950801',severity:'4'"

The host must have manually uncommented it, which introduces an assumption that the site is running utf8. PHP doesn't even support utf8 without extensions and custom coding methods. The rule means various kinds of punctuation or accented characters that might be introduced in various parts of HTTP request will make it trigger.

modsecurity is getting increasingly annoying around here :S.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#84862
Avatar

temp1024 said

If you have already experienced problem with mod_security and your are still having problems saving anything then it is highly probably that it is mod_security.

The Configuring mod_security - ocPortal.com docs are a bit out of date at the moment, so your best bet is to use the 4 sets of to whitelist referenced here:
View topic: Unable to save files using code_editor.php - ocPortal.com

Its best (I know its not absolutely ideal) that you you ask that all the rules be whitelisted against a domain and not a specific file. That's because its a nightmare to try and identify specific rules against specific files.

Also, as you identify new rules (such as 950801), can you please add them to the View topic: Unable to save files using code_editor.php - ocPortal.com thread along with a bit of background as to how they were triggered.

I've added 950801 to CEDI. Want to incorporate yours? I don't want to tread on your toes as you went to the effort of digging them out, but just copy&pasting the IDs should be fine.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#84863
Avatar

I suspect though that these issues are why I had never heard of ocP and had to spend time digging into a bunch of different packages.  Joomla installed and ran without issues (on a different site, same hosting provider) without issues.

Not really. modsecurity was not really a serious problem until recent months, when hosts have been deploying version 2 of it (which users cannot disable), with increasingly aggressive rules. ocPortal has been around since 2004.

ocPortal is not so well known for various reasons. Most other products have origins tracing back even longer, or have broader appeal due to focusing on make simple things simple (Wordpress).

All this said, modsecurity does stack the cards against us. It defines exceptions for things like Joomla, but we're not going to be able to convince them to do it for ocPortal.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#84864
Avatar

"Method Not Implemented

GET to /adminzone/index.php not supported.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request."

That is a strange one. It might be modsecurity, suphp, or suhosin. Often the wrong file permissions can cause problems with Apache.

Anyway, the web host should be able to tell you, or there might be something in your web server error log.

For most people ocPortal does work out of the box, but as mentioned in my last post, hosts are getting increasingly aggressive with defining very specific security hoops to jump through. Who's the web host?


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#84865
Avatar

Community saint

Chris Graham said

Want to incorporate yours? I don't want to tread on your toes as you went to the effort of digging them out, but just copy&pasting the IDs should be fine.
I was/am already planning on doing so, but I think there was some other info I wanted to add at the same time which distracted me. Now if only I can remember what it was O_o .

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#84867
Avatar

Community saint

Chris Graham said

Not really. modsecurity was not really a serious problem until recent months, when hosts have been deploying version 2 of it (which users cannot disable), with increasingly aggressive rules. ocPortal has been around since 2004.
My site is a perfect example. Last time I did and serious work on it is was maybe 4-5 months ago when I didn't have a single mod_security issue. Then a couple of weeks ago I went to make a few minor changes and mod_security was showing its ugly head at every turn.


Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#84883

Non-joined user

Chris Graham said

"Method Not Implemented

GET to /adminzone/index.php not supported.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request."

That is a strange one. It might be modsecurity, suphp, or suhosin. Often the wrong file permissions can cause problems with Apache.

Anyway, the web host should be able to tell you, or there might be something in your web server error log.

For most people ocPortal does work out of the box, but as mentioned in my last post, hosts are getting increasingly aggressive with defining very specific security hoops to jump through. Who's the web host?

Thanks on the feedback.  I opened a support ticket with my hosting provider (Interactive Online) and will let you all know if they come back with more new lessons on modsecurity.

It's good that these are relatively new issues, and it's unfortunate that ocPortal isn't better know.  It's WAYYY more polished, stable (so far as I can get it work), and better looking than TikiWiki; which was the only similar "all-in-one" type of system that I had come across.  

Dave
Back to the top
 
There are too many online users to list.
Control functions:

Quick reply   Contract

Your name:
Your message: