|
Heather Stover
|
December 23, 2014 at 11:57 pm
After having successful registrations last month, I just found out that after clicking the registration button, now an error came up
418 unusedunused
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, webmaster@charmcitybasketball.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
I have no idea what is causing this?
|
|
Tony
|
December 24, 2014 at 6:01 am
Hi Heather,
Can you first try ‘flushing’ you permalinks by going to Dashboard -> Settings -> Permalinks.
Make no changes and simply click ‘Save Changes’.
Then retry.
Can you also try looking through your servers error log file and see if that shows any errors relating to the event pages? You can usually find this within the root directory of your site and is often called error_log or error.log.
|
|
Tony
|
December 24, 2014 at 6:05 am
Just to explain a little of the above.
What I suspect has happened is your host has updated the mod_security rules to block base64 encoded objects/urls, the ticket selector is base64 encoded after you select your tickets and we have seen similar issues on some shared hosting.
You may also want to open a ticket with your hosting and ask them if they are blocking base64 urls/object using one of your event pages as a reference.
|
|
Heather Stover
|
December 24, 2014 at 8:16 am
The permalink flushing didn’t do anything, I have opened a ticket with support.
Is there anything else I can do in the mean time? This is for registrations this weekend and I don’t understand why it worked last tournament but now it’s throwing out that error.
Thanks for your help.
|
|
Lorenzo Orlando Caum
|
December 24, 2014 at 9:34 am
Hi Heather, that error doesn’t look familiar so I ran a search over on WordPress.org and found this:
https://wordpress.org/support/topic/418-unused-page-error
Does this happen in a specific web browser?
Can you email us the URL for the event to:
support [at] eventespresso.com
Thanks.
—
Lorenzo
|
|
Guillaume Goyette
|
December 26, 2014 at 11:17 am
I have the same error and I think Tony has the right explanation since it happens in the past : https://eventespresso.com/topic/ee4-4-4-4-p-and-dreamhost-mod_security-rule-interference/
I am also with dreamhost and I just opened a ticket with their support
FYI :
— Permalink flushing did not solve the problem
— Deleting the cache did not helped either
I think Dreamhost will need to adjust their mod_security again, do you have other information that I sould forward to Dreamhost ?
Thanks
|
|
Josh
|
December 26, 2014 at 11:37 am
You can ask them to check the error logs for something like this:
ModSecurity: Access
denied with code 418 (phase 2). Matched phrase “message” at
ARGS:tkt-slctr-event-xxxx. [file
“(mod_sec configuration file)”]
Event Espresso 4 has the word “message” along with other data about the tickets encoded in a base64 argument when it processes the ticket selection. The encoding is done to avoid hitting the database for all the information about the tickets.
Dreamhost has told us that mod security rules are set to look for specific keywords that are base64 encoded by spammers. When they are found, it’s set up to stop the request.
In particular they’re looking for keywords involved with attacks on the latest Drupal 7 exploit.
|
|
Guillaume Goyette
|
December 26, 2014 at 11:49 am
Thanks Josh, I will mention that when they will get back to me !
Guillaume
|
|
Tony
|
December 26, 2014 at 12:18 pm
Is there anything else I can do in the mean time? This is for registrations this weekend and I don’t understand why it worked last tournament but now it’s throwing out that error.
We’ve had a few reports of hosts updating the mod_sec rules recently due to an exploit found within Drupal, for example here:
https://www.drupal.org/drupalsa05FAQ
Which would explain why this worked previously.
Is this shared hosting? If so it is unlikely you will have access to be able to change this unfortunately.
|
|
Guillaume Goyette
|
December 26, 2014 at 2:00 pm
Hello,
The first answer that I got from Dreamhost is this one
I asked a security engineer and they said you can temporarily turn off
Extra Web Security in the panel -> Manage Domains -> affected domain for
the time being. They recommend that you contact the plugin/theme
developer of the code that is giving you the issue and have them
investigate your code. If any if the scripts you are using are invoking
any of the following:
wget GLOBALS base64_decode passwd ,amo! ,amo WQGP wqgp a:0:{} curl ../../
our security daemon will prohibit the action, as attackers are exploiting
sites using the above strings. The security engineer said they are going
to review the case and make adjustments where is needed, but they believe
these are legitimate blocks. Again, please contact the developer of the
script you are trying to use, so they can adjust their code. If there is
anything else you need help with, please let me know! Thanks! Have a
great day!
Anthony S
I answered by copying what Josh wrote here in my conversation to the Dreamhost support team and I added this :
So I understand why you block base64 but it seams that is needed by my plugin, Is there a way that you adjust the security settings of my domains
just to let this specific use of base64 ?
And they answered this :
Hello,
Thank you for contacting DreamHost support.
I’m sorry, but this is not possible with the current version of
modsecurity. We are planning to allow htaccess overrides, but that is
still some time away.
Please let us know if we can assist you with anything else and again, I’m
sorry that we were not able to assist you with this.
Cyrus
So my only solution is to turn off Extra Web Security like they told me in the first answer ?? Is is secure ??
|
|
Guillaume Goyette
|
December 26, 2014 at 2:06 pm
I just read that it is not a good idea to turn off Dreamhost Extra Web Security,
http://wiki.dreamhost.com/Mod_security
I will just do it for few minutes for testing if its solve my problem and give my feedback here
|
|
Josh
|
December 26, 2014 at 2:09 pm
Hi there,
I cannot answer that question because I don’t know the ins and outs of your server’s set up. I can respond to this assertion the engineer makes:
“but they believe these are legitimate blocks”
If they can look in the error logs and see that they are blocking the Event Espresso ticket selector, that’s an indication that it’s not a legitimate block.
Another solution is to move to another host that’s not blocking the encoding/decoding functions that the ticket selector uses.
|
|
Guillaume Goyette
|
December 26, 2014 at 2:20 pm
Yes, its working, so it is really mod_security related…
Since Dreamhost is not really helping, anything I can change in EE to solve the problem ??
And by curiosity, why it was working not long ago ??
|
|
Guillaume Goyette
|
December 26, 2014 at 2:24 pm
Oh, I answered before seeing your last reply… Thanks for the info, I am forwarding this to them 😉
|
|
Josh
|
December 26, 2014 at 2:59 pm
Hi there,
There isn’t anything in EE that can be changed in this case. The ticket selector relies on not getting blocked by mod_security and EE doesn’t override a server’s mod_security settings.
|
|
Guillaume Goyette
|
December 26, 2014 at 3:03 pm
Thanks for your help Josh.
I have also received an answer from another dremhost support staff assuring me for a quick fix about this
Have a nice holidays !!
I see the light
|
|
Lorenzo Orlando Caum
|
December 29, 2014 at 9:46 am
Hi Guillaume,
Was Dreamhost able to get this working for you?
—
Lorenzo
|
|
Guillaume Goyette
|
December 29, 2014 at 6:01 pm
Not yet, I am still waiting their answer
I will keep you updated
|
|
Guillaume Goyette
|
January 6, 2015 at 11:55 am
Hello Event Espresso Support team
Finnaly Dreamhost did a change and I am now able to register with my EE installation !
Thanks for your advise !!
|
|
Lorenzo Orlando Caum
|
January 6, 2015 at 12:31 pm
Glad to hear its now working. Enjoy your week Guillaume!
|
