by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • 15:30
    737simpilot commented #122
  • 15:30
    737simpilot commented #122
  • 15:28
    737simpilot commented #122
  • 15:23
    737simpilot commented #122
  • 11:25
    gizmecano commented #122
  • 09:26
    Maikuolan commented #122
  • 09:19
    Maikuolan commented #122
  • 09:01
    Maikuolan commented #122
  • 08:36
    Maikuolan commented #122
  • 08:36
    Maikuolan commented #122
  • 08:14
    737simpilot commented #122
  • 08:06
    737simpilot commented #122
  • Aug 07 18:45
    gizmecano commented #122
  • Aug 07 18:09
    737simpilot commented #122
  • Aug 07 18:06
    737simpilot commented #122
  • Aug 07 18:05
    737simpilot commented #122
  • Aug 07 11:43

    Maikuolan on master

    Themes update. (compare)

  • Aug 07 11:05
    gizmecano commented #122
  • Aug 07 10:02
    737simpilot commented #122
  • Aug 07 09:02
    DanielRuf commented #122
Caleb Mazalevskis
@Maikuolan
(I test at my localhost, which uses just http, not https, and it works fine there).
setcookie('CIDRAM-ADMIN', $CIDRAM['FE']['Cookie'], $CIDRAM['Now'] + 604800, '/', $CIDRAM['HTTP_HOST'], false, true);
Unless it's some combination of the PHP setting cited, the browser used to access the site, and the way it's being set, all together..? I mean.. it shouldn't cause a problem.. but if it is causing a problem for some reason, it should be reasonably easy to test that out.
Are you able to temporarily toggle those settings at your PHP, and try testing with some different browsers, to see whether the same results are produced or whether it suddenly starts working?
mikeruss1
@mikeruss1
works fine on my localhost too. will try
Caleb Mazalevskis
@Maikuolan
Also, email sent just now. :-)
mikeruss1
@mikeruss1
no change .. sorry, and thank you. Suggest we forget about it for a few days, hopefully more testing will turn up so more clues.
Caleb Mazalevskis
@Maikuolan
:+1:
mikeruss1
@mikeruss1
sorry didnt work, wouldnt login - have emailed my amended code
Aaron
@737simpilot
From what I can understand from what you posted, it sounds like CIDRAM is not working on the test domain, but in the production domain, correct? Are both of these domains on the same host? It looks like the test domain is using CloudFlare since you indicated there is a CloudFlare cookie being set. If this is true, then go back and read exactly what I said about setting a page rule in CloudFlare to omit caching for the CIDRAM directory. You've already been back and fourth to hell and back now about this premise about a potential cookie issue, but at this point that may just be a wild guess from what I'm reading. I can tell you right now that if that test domain is behind CloudFlare the caching mechanism of CloudFlare can and will pose an issue with CIDRAM. I saw it myself and had to create a page rule to omit caching for my CIDRAM directory. It's a least a shot to rule it out.
You said something about CloudFlare costing. That isn't true at all, really. They have a free plan and it's that plan I've been using for at least five years now and it's all I need for a firewall, edge caching ability, and to keep my origin IP hidden behind their reverse proxy. Of course to make sure the IP stays hidden you have to know what to do. I can't tell you how many websites I've seen chose to use CloudFlare and yet use the MX record in CloudFlare from their host which will expose the IP origin right quick. There are many other things as well. I've written all about this on my forum.
Aaron
@737simpilot
If you think you are not even using CloudFlare, then that CloudFlare cookie there for the test domain would be quite odd. Never the less, it would indicate your website traffic is passing through CloudFlare's servers.
mikeruss1
@mikeruss1
Thanks Aaron. I can see from the chrome developer tools that the cidram cookie is not being set. There is no facility on the hosting panel to access cloudfare without paying for it. It does look possible that traffic is going through their network, but the odd thing is that what it's trying to do works ok on my pages. How do I access control of the cloudfare caching pl?
mikeruss1
@mikeruss1
decided to give up with my new hosting provider and will try elsewhere. Its taking up to much of everyones time. It was very cheap ! Example, have been trying to get 404.html working, not difficult you might think. Support dont understand it and keep telling me I am trying to access a file that doesnt exist. Re cookies and cache, have noticed they use something called litespeed cache, maybe thats contributing. Anyway, not worth the time - my apologies to Aaron and Maikuolan.
mikeruss1
@mikeruss1
and what was even funnier, to demonstrate it was working they sent me an image of a page on my production website, with the URL at the top.
Caleb Mazalevskis
@Maikuolan
Yeah.. Litespeed would do it. Similar deal as with Cloudflare caching it: Just need to modify Litespeed's configuration, so as to not cache CIDRAM's directory. But yeah; If they don't understand what you mean when you ask them for support, it might be not worth the effort.
(Not an argument against Litespeed, BTW. I think Aaron uses Litespeed, too. But yeah; Litespeed is generally pretty decent. Just that, this kind of problem, with regards to CIDRAM and caching tools like Cloudflare, Litespeed, etc, is relatively common, across the board).
Finding good hosting providers these days, which don't cost an arm and a leg, isn't particularly easy either, unfortunately.
Aaron
@737simpilot
Very odd there about the CloudFlare cookie then. As I said, you don't have to pay for CloudFlare to use it. A lot if not all websites offer CloudFlare which means in your cPanel you'll see it as an option and it means the host whitelists CloudFlare's IP addresses. But, do not use CloudFlare via the cPanel option. It's entirely not needed and you lose out on a lot of options I'm sure. Anyone with a website can use CloudFlare and as I said for free unless you need the added perks which will cost. YOu just go to CloudFlare's website, create an account and add you DNS Info. As I said though, if you want to keep your origin IP hidden behind CloudFlare there are many things you need to do. I've written about that on my website. I honestly don't know why you had a CloudFlare cookie like that. YOu simply won't have that unless your traffic is being sent through CloudFlare.
Aaron
@737simpilot
As to Litespeed, yes, I have used it with my old host, another host I used and now my current host. I think it's probably the most popular server SAPIs out there at least for the shared hosting environment. And yes, Litespeed now has their own caching crap. I found out about that several years ago when my host behind my back installed a Litespeed caching plug-in in my WordPress site. I don't want or need any other cache to mess around with especially since I don't have any control with purging it as far as I know. I asked my host about this crap and he told me what htaccess code to use to prevent Litespeed from caching. I did that and ripped that BS plug-in out of my website. If you find yourself with Litespeed again I can tell you what the htaccess code it to omit caching from Litespeed. Yeah, I asked if your host has some kind of cache other than what I saw as the use of CloudFlare and totally forgot about Litespeed.
For hosting research, check out the website webhostingtalk.com
Aaron
@737simpilot

Customer support these days is down the drain let me tell you. If I'm talking to CloudFlare or my host they either ask me a question I already gave an answer to in my initial query or say something completely irrelevant to the issue or say something else that I know will not fix the issue at hand. I often find myself fixing my own issues through a hell of a lot of research and testing which can take DAYS! And try as I might, I'm very clear and concise, and explain the issue verbatim. NOPE! They hire idiots!

The last time I had this crap was when the cron wasn't sending me email. So I tried another email just to rule out the other one because of possible blacklisting crap and other email crap I don't know too much about. Despite that cron emails weren't sent. So I opened a ticket with my host explaining everything and they told me it was probably the email. I'm like, HELLO! I already told you I tried two emails with two different domains! It ain't that, yo. So that's what I message them back on how I knew it wasn't an email issue. So it looked like my ticket was escalated to someone who knew what the hell they were talking about and the next day they tell me that in fact there was an error or something preventing emails to be sent from cron. Ya think! In two days the issues was finally rectified and I was able to use the email I used for cron all along.

Aaron
@737simpilot
@Maikuolan Got another IP for you. 194.153.113.13
While true about residential IPs, all of the residential IPs I saw hits from looked to be from infected routers based on the Info. I saw at Shodan. As an example, the IP at Shodan said this or that port was open and when I researched that port it said the the port for the router was open by default and open for attack. I also know that routers can be turned into a zombie botnet if your router has vulnerable firmware or a default username and password among other things. To me it looks like that article might be trying to sell their product. But there could in fact be some truth to it. I know the UA part of it is true at least.
Caleb Mazalevskis
@Maikuolan

"Artificial Intelligence" and "Machine Learning" are such buzz-words nowadays, that they effectively don't mean anything anymore when used in articles like that. Not really sure I would comment about whether I agree or disagree, or whether the claims are BS, in regards to those points in the article, without knowing more about what they're actually trying to say (or, whether they're trying to say anything at all), and I would say to same to just about anything which mentions those things nowadays, unless the articles in question are specifically about those things.

In terms of the hard numbers though, I would agree, and it does reflect my own observations, too. It's also one of the reasons why I try to tell CIDRAM users that they need to keep their signatures as up-to-date as possible: Because the signatures are becoming more and more elaborate as time goes on, and also become more quickly outdated nowadays compared to before, as IP addresses shift more frequently now, and of course, the more fine-tuned signatures are, often also, the more frequently they need to be updated. It's also one of the reasons why I always say that CIDRAM is not a magic bullet, and won't stop everything. I think, what we do, and what we have, is still super useful, still super effectively, and blocks most things, but of course, does not and will not block everything. Using modules like the SFS Module and AbuseIPDB module is super helpful too, and TBH, I wouldn't really want to rely on just the signature files alone for any serious, high-traffic production website.

But yeah. It's one of the things which makes me a little nervous about new network additions to the signature files. Blocking an entire data center? Whatever, no problem -- No legitimate users from there anyway, so pretty much zero chance of false positives. Seeing heaps of bad traffic from a major domestic broadband provider which serves millions of people from countries which your website actually does actively serve? Eh.. Okay, so we'll still do something.. but a lot of care and nuance is needed, because in those cases, we obviously can't just block the entire network.
But yeah. Buzz-words aside, and attempted sales pitch aside (I know nothing about their products, and have never used them before, so again, not going to comment about them).. their basic premise, makes sense.
Old blocking methods aren't totally dead though. Yes, the world have moved on, and the more dedicated, serious botmasters out there will actively work against the measures we have in place, and will try to be as indistinguishable from real people as is possible (e.g., using JavaScript, ghosting as browsers, etc). But, there are still a lot of super dumb bots and botmasters out there, which work on a numbers game, and which aren't as dedicated, and for those guys, the old blocking methods are still useful.
Caleb Mazalevskis
@Maikuolan
We're also not just using old methods though. With module support, reCAPTCHA support, some limited heuristics, etc.. we're not doing too badly, I think. ;-)
Caleb Mazalevskis
@Maikuolan
Re: The issue at Mike's installations. I think I've got a fix for it. But, there's quite a few files modified, so I'm just doing a bit of testing first, to make sure I don't inadvertently break anything else anywhere else. Should have it committed within the next few hours though, I think.
Re: The latest IP suggestion. Haven't had time to look at it yet, but I'll do that later today, too.
Caleb Mazalevskis
@Maikuolan
Re: The latest IP suggestion. Added now. Cheers. :-)
Re: The issue at Mike's installations. Pushed an attempted fix just now.
Aaron
@737simpilot

@Maikuolan Just updated and I see this error_log entry. It could have spat that out on updating and there's only one instance of this error, but never the less figured I'd let you know.

[05-Aug-2020 22:02:53 America/Denver] PHP Notice: Undefined variable: BytesRemoved in /home/cyberpcf/public_html/cidram/vault/frontend_functions.php on line 1845

Caleb Mazalevskis
@Maikuolan
Uh oh.. Cheers. I can see in the code, the reason why that's happening. It's a bug. Not a serious bug, as the consequences of it just means that it might sometimes under-report the number of bytes removed after successfully updating something. But, even so, I appreciate you letting me know about it. Cheers. I'll get a fix sorted out shortly for it.
Caleb Mazalevskis
@Maikuolan
And done. :-)
Caleb Mazalevskis
@Maikuolan
Heh.. Started working on some new themes. Looking so much better than the current default already. 'x.x
Aaron
@737simpilot

@Maikuolan Just got this email from Cronable.

[theme/obscured] – [template_obscured.html] – Checksum error! File rejected!
[theme/obscured] – Failed to update! « +0 bytes | -0 bytes | 0.191 »
[CIDRAM Core] – Component successfully updated. « +17.57 KB | -17.45 KB | 0.453 »
[CIDRAM Front-End] – Component successfully updated. « +5.44 KB | -5.08 KB | 0.241 »

Aaron
@737simpilot
@Maikuolan Got another IP to look into. This one doesn't show up on radar at AbuseIPDB, but its open ports shown at Shodan are interesting. It is a hoster out your way though. 45.132.225.5
Caleb Mazalevskis
@Maikuolan

Huh.. Cheers. Might be that maybe the file in question got modified while committing or something..? Checksum checks doing its job then, if that's the case, I guess. '^.^

I'll try committing it again later tonight, in case that's the case.

But yeah. I updated all the themes and related themes data yesterday, so that's what Cronable was trying to update there, I think.
Cheers. I'll check out the IP shortly.
(Yeah.. Australia used to be pretty good and almost spotlessly clean when it came to the kinds of IPs we want to be blocking in years past. It's been getting a lot worse recently though, unfortunately. You won't see any patriotism or defensiveness from me in that regard though, lol. Australian or not, wherever it's from, something to block is something to block, and I've been adding quite a lot more of them in the past year or so, compared to years prior).
Actually, I don't think I need to look at that one in too much detail. I just checked the ASN for it, the owners, and what they do.. pretty sure I can safely block their whole network without risking accidentally blocking any legitimate human traffic anyway.
I'll add it in later tonight.
Caleb Mazalevskis
@Maikuolan
Oops.. Looks like the changes to the file in question weren't committed at all. Must've missed it when committing earlier. Oh well. Sorted now anyway. Should update fine now. :-)
Aaron
@737simpilot
Yeah, I thought something was off there since I don't edit theme files and what not all the time at all. So I don't see how it could have been modified while cron fired off.
LOL I won't defend the U.S. either when it comes to IP shenanigans. In fact, we may have the most! HAHAHA Just off the top of my head I can think of Amazon, Digital Ocean, Azure, Google Cloud, and the list goes on. Unreal.
Oh! Yeah, I saw in my email today that Cronable updated theme obscured with no issues.