2023-04-28, 07:15:22
(2023-04-25, 23:05:56) islander Wrote:
(2023-01-09, 01:00:20) Knobbles Wrote:
PHP 8.1
Found today (could not find whether this is already fixed):
/plugins/i18n_base/frontend.class.php on line 24:
explode(): Passing null to parameter #2 ($string) of type string is deprecated
This occurs in function getLanguages().
Fix:
$httplanguages = explode(",", @$_SERVER['HTTP_ACCEPT_LANGUAGE']??'');
(still don't know how $_SERVER['HTTP_ACCEPT_LANGUAGE'] can be null as I used a standard browser, but that's not the point here.)
(2023-04-25, 21:17:21) leestwise Wrote:
(2023-04-25, 18:23:09) islander Wrote:
(2023-04-25, 06:34:38) leestwise Wrote:
FYI: This warning went away after including the following line in the php.ini (phprc on DreamHost) per DreamHost’s relevant help article:
output_buffering = 4096
...lee
Glad you were able to find a solution.
That, unfortunately, was not the solution to the “Internal Server Error” problem. I felt obligated to explain the header modification warning’s resolution because I had brought it up thinking it might be related. It was not.
To recap, the “Internal Server Error” occurs any time I try to save a theme PHP file or gsconfig.php, while editing from within the Massive Admin Theme environment of GS 3.3.18CE. I have verified that PHP (now v8.1.17) error-logging is turned on, but this error never appears in the log.
My next move will be to wipe my website and reinstall GS 3.3.18CE and try again. I will certainly keep you posted.
...lee
You may want to see if you can turn off your Mod Security via cPanel, or whatever control panel your hosting has.
Just to see if it is this that is causing the problem. It is not recommended to leave this turned off though.
After wiping the website and loading only the base GS 3.3.18.1CE, the save of header.inc.php by the theme editor fails. After temporarily turning ModSecurity off, it succeeds. Here are the three log messages generated by ModSecurity:
- [Wed Apr 26 18:55:17.533085 2023] [:error] [pid 177410:tid 124190993872640] [client redacted] [client redacted] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:content. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "108"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <html found within ARGS:content: <?php if (!defined('in_gs')) {\\x0d\\x0a die('you cannot load this page directly.');\\x0d\\x0a}\\x0d\\x0a/****************************************************\\x0d\\x0a *\\x0d\\x0a * @file: \\x09\\x09header.inc.php\\x0d\\x0a * @package:\\x09getsimple ce\\x0d\\x0a * @action:\\x09\\x09starter for getsimple cms ce\\x0d\\x0a *\\x0d\\x0a *****************************************************/\\x0d\\x0a?>\\x0d\\x0a\\x0d\\x0a\\x0d\\x0a<!doctype html data->\\x0d\\x0a<html <?php echo ($mode !== ''..."] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "stewkitt.com"] [uri "/admin/theme-edit.php"] [unique_id "redacted"], referer: https://stewkitt.com/admin/theme-edit.ph...php&s=Edit
- [Wed Apr 26 18:55:17.535610 2023] [:error] [pid 177410:tid 124190993872640] [client redacted] [client redacted] ModSecurity: Warning. Pattern match "(?:<\\\\?(?:[^x]|x[^m]|xm[^l]|xml[^\\\\s]|xml$|$)|<\\\\?php|\\\\[(?:\\\\/|\\\\\\\\)?php\\\\])" at ARGS:content. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-933-APPLICATION-ATTACK-PHP.conf"] [line "65"] [id "933100"] [msg "PHP Injection Attack: PHP Open Tag Found"] [data "Matched Data: <?p found within ARGS:content: <?php if (!defined('in_gs')) {\\x0d\\x0a die('you cannot load this page directly.');\\x0d\\x0a}\\x0d\\x0a/****************************************************\\x0d\\x0a *\\x0d\\x0a * @file: \\x09\\x09header.inc.php\\x0d\\x0a * @package:\\x09getsimple ce\\x0d\\x0a * @action:\\x09\\x09starter for getsimple cms ce\\x0d\\x0a *\\x0d\\x0a *****************************************************/\\x0d\\x0a?>\\x0d\\x0a\\x0d\\x0a\\x0d\\x0a<!doctype html data->\\x0d\\x0a<html <?php echo ($mode !== '' ?..."] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-php"] [tag "platform-multi"] [tag "attack-injection-php"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/242"] [hostname "stewkitt.com"] [uri "/admin/theme-edit.php"] [unique_id "redacted"], referer: https://stewkitt.com/admin/theme-edit.ph...php&s=Edit
- [Wed Apr 26 18:55:17.545415 2023] [:error] [pid 177410:tid 124190993872640] [client redacted] [client redacted] ModSecurity: Access denied with code 418 (phase 2). Operator GE matched 7 at TX:anomaly_score. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "stewkitt.com"] [uri "/admin/theme-edit.php"] [unique_id "redacted"], referer: https://stewkitt.com/admin/theme-edit.ph...php&s=Edit
...lee
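
Added example (not part of the thread, and not GetSimple, DreamHost or CRS project code): a Python script that reads the three ModSecurity entries posted above, separates the blocking rule from the rules that fed the anomaly score, and builds a CRS exclusion scoped to that one path and argument as an alternative to leaving ModSecurity off. The sample log is an abbreviated copy of the posted entries, and the local rule id 1000 is an assumed placeholder.

```python
import re

# Constructed sample: the three entries from the post with the long
# "Pattern match" and "data" values shortened to "...".
SAMPLE_LOG = r"""
[Wed Apr 26 18:55:17.533085 2023] [:error] [client redacted] ModSecurity: Warning. Pattern match "..." at ARGS:content. [file "REQUEST-921-PROTOCOL-ATTACK.conf"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <html found within ARGS:content: ..."] [severity "CRITICAL"] [uri "/admin/theme-edit.php"] [unique_id "redacted"]
[Wed Apr 26 18:55:17.535610 2023] [:error] [client redacted] ModSecurity: Warning. Pattern match "..." at ARGS:content. [file "REQUEST-933-APPLICATION-ATTACK-PHP.conf"] [id "933100"] [msg "PHP Injection Attack: PHP Open Tag Found"] [data "Matched Data: <?p found within ARGS:content: ..."] [severity "CRITICAL"] [uri "/admin/theme-edit.php"] [unique_id "redacted"]
[Wed Apr 26 18:55:17.545415 2023] [:error] [client redacted] ModSecurity: Access denied with code 418 (phase 2). Operator GE matched 7 at TX:anomaly_score. [file "REQUEST-949-BLOCKING-EVALUATION.conf"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [uri "/admin/theme-edit.php"] [unique_id "redacted"]
"""

FIELD = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')   # [key "value"] pairs
TARGET = re.compile(r' at ([A-Z_]+(?::[^\s.]+)?)\.')    # e.g. "at ARGS:content."

def parse(line):
    """Return one ModSecurity entry as a dict, or None for any other line."""
    if "ModSecurity:" not in line:
        return None
    body = line.split("ModSecurity:", 1)[1].lstrip()
    entry = dict(FIELD.findall(body))  # repeated keys (tag) keep the last value
    entry["denied"] = body.startswith("Access denied")
    m = TARGET.search(body)
    entry["target"] = m.group(1) if m else None
    return entry

def triage(log_text):
    """Per URI: the rule that blocked, the total score, the contributing rules."""
    report = {}
    for e in filter(None, map(parse, log_text.splitlines())):
        # The post redacts unique_id, so group by URI; with real logs use unique_id.
        r = report.setdefault(e.get("uri"), {"blocked_by": None, "score": None, "contributors": []})
        if e["denied"]:
            total = re.search(r"Total Score: (\d+)", e.get("msg", ""))
            r["blocked_by"], r["score"] = e.get("id"), int(total.group(1)) if total else None
        else:
            r["contributors"].append((e.get("id"), e["target"], e.get("msg")))
    return report

def exclusion(uri, contributors, local_id=1000):
    """CRS exclusion for one path and argument; local_id is an assumed free rule id."""
    ctls = ",".join(f"ctl:ruleRemoveTargetById={rid};{tgt}" for rid, tgt, _ in contributors)
    return f'SecRule REQUEST_FILENAME "@streq {uri}" "id:{local_id},phase:1,pass,nolog,{ctls}"'

if __name__ == "__main__":
    for uri, r in triage(SAMPLE_LOG).items():
        print(uri, "blocked by", r["blocked_by"], "score", r["score"])
        print(exclusion(uri, r["contributors"]))
```

The generated `SecRule` only takes effect if it is loaded before the CRS rule files, so on a managed host it is something to ask the provider to add.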