Transition Technology: Ticket Query

#583: tmp files on parrot exceeded inode limit

ed — Mon, 02 Sep 2013 12:28:46 GMT

Users are attempting to purchase a DVD and the cart always zeros out even after attempts to update cart etc.

Laura suggests that this may be a server issue and to start with Chris:

The prob could v likely be on the hosting side, so be worth contacting Chris first (and mention can add to cart all okay when logged in, view cart and alter and get to billing page, so could be a session setting that's changed) -

Does the server have disk space left on /tmp. Session data is most likely written there. (sometimes this cart faff issue can happen because of that.)

Are the PHP Session settings correct/ have they changed recently? Chris can fix this if needing a tweakette in php.ini or other places in the underworld of those types of files.

DB could potentially need check/repair.

Another one is the shop element relies on cookies so if a user has set browser to not accept cookies may poss not work! (but think thats something not to think about here, as I tested as both logged in and logged out with cookies set to work on my browser, logged out got the 'cart empty' faff factor like other users will be getting.)

If Chris can't spot the bug (does sound server side and sessions related from a quick test here, haven't looked at the server logs, but if get a mo later will see if I can), poss good to chat and I can think some more on it, but first thoughts alert me mostly to server side, sometimes a roll back to php 5.2 clicks things back into place (but shouldn't be needed). Be good to see if there is a correlation with any server changes/tweaks happening around same timing that the cart stopped working. Keep me in the loop if it is a server fix-y thing as always interested to hear results on bug fixing on sites.

#778: need access to Parrot

annesley — Wed, 27 Aug 2014 12:16:39 GMT

i need a publicly available WordPress demo install to play with. should this be on Parrot? what (sub)domain can i use?

#538: intransitionmovie.com checks and updates

chris — Tue, 30 Apr 2013 20:02:03 GMT

The http://www.intransitionmovie.com/ site has been migrated to wiki:ParrotServer, the DNS might not have yet updated for everybody.

Laura -- could you check that the site is working OK if you get a chance, especially the ecommerce elements?

There are some outstanding updates, WordPress is version 3.3.2 need updating to 3.5.1 and there are 12 plugins with updates available:

18 installed plugins:
 UA affiliates
 UA affiliates-woocommerce-light
 UA akismet
  A backupwordpress
 UI bad-behavior
 UA bwp-minify
  A contact-form-7
 UA event-o-matic
  A transposh-translation-filter-for-wordpress
 UA usernoise
  A woocommerce
 UA woocommerce-export-csv
  A woocommerce-currency-converter
 UA woocommerce-dynamic-pricing
  A woocommerce-delivery-notes
 UA woocommerce-shipping-table-rate
 UA wp-customer-reviews
 UI wp-super-cache
Legend: A = Active, I = Inactive, U = Update Available

I'm happy to do all these updates but I wouldn't know what exactly to check to see that the updates don't break anything -- would Laura be able to help with a quick check that updates haven't broken anything?

#811: WordPress critical security release

chris — Thu, 20 Nov 2014 20:25:07 GMT

From the blog:

WordPress 4.0.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.

Sites that support automatic background updates will be updated to WordPress 4.0.1 within the next few hours. If you are still on WordPress 3.9.2, 3.8.4, or 3.7.4, you will be updated to 3.9.3, 3.8.5, or 3.7.5 to keep everything secure. (We don’t support older versions, so please update to 4.0.1 for the latest and greatest.)

WordPress versions 3.9.2 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.

#594: WordPress 3.6.1 Maintenance and Security Release

chris — Wed, 11 Sep 2013 22:05:01 GMT

The following is from http://wordpress.org/news/2013/09/wordpress-3-6-1/

WordPress 3.6.1 is also a security release for all previous WordPress versions and we strongly encourage you to update your sites immediately. It addresses three issues fixed by the WordPress security team:

Block unsafe PHP unserialization that could occur in limited situations and setups, which can lead to remote code execution. Reported by Tom Van Goethem.
Prevent a user with an Author role, using a specially crafted request, from being able to create a post “written by” another user. Reported by Anakorn Kyavatanakij.
Fix insufficient input validation that could result in redirecting or leading a user to another website. Reported by Dave Cummo, a Northrup Grumman subcontractor for the U.S. Centers for Disease Control and Prevention.
Additionally, we’ve adjusted security restrictions around file uploads to mitigate the potential for cross-site scripting.

#699: Update Core & Plugins on transitionculture.org

sam — Mon, 10 Mar 2014 11:46:33 GMT

This site needs an update.

I'll do a database backup then update it.

#550: Transition Town Totnes migration

chris — Sun, 19 May 2013 14:59:44 GMT

It has been agreed to migrate Transition Town Totnes, http://transitiontowntotnes.org/ to wiki:ParrotServer and this ticket has been created to record this process and the time spent on it and the documentation of the migration.

There is also an issue regarding what, if anything, to do with the old Drupal site at http://archive.transitiontowntotnes.org/

#577: Transition Streets Wordpress Migration

chris — Tue, 06 Aug 2013 21:28:25 GMT

This is a ticket to document the migration of the Transition Totnes http://www.transitionstreets.org.uk/ wiki:WordPress site to wiki:ParrotServer.

#656: Spam being sent out via Transition Culture

chris — Sat, 14 Dec 2013 14:48:21 GMT

I'm getting several of thee day day:

From: Mail Delivery System <Mailer-Daemon@parrot.webarch.net>
Date: Sat, 14 Dec 2013 13:21:02 +0000
To: tc@parrot.webarch.net
Subject: Mail delivery failed: returning message to sender
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
  inxzkysnf@gmail.com
    SMTP error from remote mail server after RCPT TO:<inxzkysnf@gmail.com>:
    host gmail-smtp-in.l.google.com [173.194.78.26]:
    550-5.1.1 The email account that you tried to reach does not exist. Please try
    550-5.1.1 double-checking the recipient's email address for typos or
    550-5.1.1 unnecessary spaces. Learn more at
    550 5.1.1 http://support.google.com/mail/bin/answer.py?answer=6596 l11si2175565wjw.16 - gsmtp
------ This is a copy of the message, including all the headers. ------
Return-path: <tc@parrot.webarch.net>
Received: from tc (uid=1011)
        by parrot.webarch.net with local (Exim 4.80)
        (envelope-from <tc@parrot.webarch.net>)
        id 1Vrp9L-0002BF-Kf
        for inxzkysnf@gmail.com; Sat, 14 Dec 2013 13:20:56 +0000
To: inxzkysnf@gmail.com
Subject: Thanks for your message
X-PHP-Originating-Script: 1011:lib_nonajax.php
From: robjhopkins@gmail.com
Reply-To: robjhopkins@gmail.com
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----MIME_BOUNDRY_main_message"
Message-Id: <E1Vrp9L-0002BF-Kf@parrot.webarch.net>
Date: Sat, 14 Dec 2013 13:20:55 +0000
This is a multi-part message in MIME format.
------MIME_BOUNDRY_main_message
Content-Type: text/plain; charset="UTF-8"; format=flowed
Content-Transfer-Encoding: quoted-printable
Dear timberland france,
Thank you for your message on the Transition Culture website - I will get back to you as soon as possible.
------MIME_BOUNDRY_main_message
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><BODY>
<div style=3D"font:normal 1em arial; margin-top:10px"><p><strong>Dear timberland france,</strong></p>
<p>Thank you for your message on the Transition Culture website - I will get back to you as soon as possible.
<div style=3D"width:80%; background:#f4faff ; color:#aaa; font-size:11px; padding:10px; margin-top:20px"><strong>This is an automatic
+confirmation message. 14 December, 2013.</strong></div></div></BODY></HTML>

It appears to be spam sent fro the Transition Culture WordPress site to a Gnmail user who doesn't exist.

It appears, from the email headers that this form is being used for the spamming /home/tc/sites/default/wp-content/plugins/contactforms/lib_nonajax.php.

This needs some more investigation.

#687: Set up cert expiry date checking for all SSL certs

chris — Mon, 03 Feb 2014 13:35:01 GMT

Last month the *.transitionnetwork.org cert expired before it was replaced with a new one and users therefore got warnings for around half a day, see ticket:685.

A script to check the expiry dates was set up on wiki:PuffinServer on ticket:685#comment:9 and this ticket is to document setting this up for wiki:PenguinServer and wiki:ParrotServer.

#709: Reconomy sites appears to be sending out spam

chris — Fri, 28 Mar 2014 18:48:53 GMT

This failed email has just been returned:

From: Mail Delivery System <Mailer-Daemon@parrot.webarch.net>
Date: Fri, 28 Mar 2014 18:14:32 +0000
To: recon@parrot.webarch.net
Subject: Mail delivery failed: returning message to sender
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
  fionaward@transitionnetwork.org
    SMTP error from remote mail server after end of data:
    host mx1.spamfiltering.com [72.249.150.158]: 550 An address in this message (at sleepingteensex . com) is listed on
+sbl-multi.rbl.spamrl.com. Please organise removal and retry.
------ This is a copy of the message, including all the headers. ------
Return-path: <recon@parrot.webarch.net>
Received: from recon (uid=1006)
        by parrot.webarch.net with local (Exim 4.80)
        (envelope-from <recon@parrot.webarch.net>)
        id 1WTbIM-0001Sz-6R
        for fionaward@transitionnetwork.org; Fri, 28 Mar 2014 18:14:22 +0000
To: fionaward@transitionnetwork.org
Subject: roulette89
X-PHP-Originating-Script: 1006:class-phpmailer.php
Date: Fri, 28 Mar 2014 18:14:22 +0000
From: casino10 <fmzsb@www.reconomy.org>
Message-ID: <28cbb75557094e41d2f5e7e070dcd660@www.reconomy.org>
X-Priority: 3
X-Mailer: PHPMailer 5.2.4 (http://code.google.com/a/apache-extras.org/p/phpmailer/)
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8
From: casino10 <fmzsb@www.reconomy.org>
Subject: roulette89
Message Body:
интернет казино игровые автоматы рулетка зарубежный <a href= http://pobedim11.sleepingteensex.com/item280.html >можно ли играть в
+игровые автоматы в интернете на деньги</a> игровые автоматы через интернет 3g еще <a href= http://pobedim11.sleepingteensex.com >Новый
+Игровой Автомат</a> казино интернет казань.
--
This mail is sent via contact form on REconomy http://www.reconomyproject.org

#718: REconomy site showing adverts randomly

ed — Thu, 10 Apr 2014 08:19:34 GMT

Load http://www.reconomy.org and the first time you get it, and other times at random and you get spam.

URGENT check please - on REconomy and all WP sites...

#539: REconomy site migration and updates

chris — Wed, 01 May 2013 10:01:00 GMT

This ticket is to keep track of the tasks undertaken and the time spent on the migration of the http://www.reconomy.org/ site to wiki:ParrotServer.

#749: Probs with REconomy site again - compromised?

chris — Thu, 26 Jun 2014 11:18:01 GMT

Email from Laura:

Looks like REconomy website has been compromised again.

Fi contacted this morning via email to say she's received a batch of 'new post' notifications on exceedingly old posts, so I logged into the site to check things out. I noted the footer wasn't correct on the site too displaying 'proudly powered by wordpress' rather than the widgets.

Had a whizz through folders/files via sftp to see any recent changes to files - and in the Reconomy theme files the 404.php and footer.php had been changed with a copy of the default wp twenty something one and base code 64 along the top. The footer was changed on 23/6 at 21.46, and I should have remembered when the 404 was changed before overwriting it - either the same date or time or on the 20/6. I've reinstated the correct files (but have downloaded a copy of the rogue 404 and footer files before replacing them with the correct ones if you wanted a copy for any purpose, though want to nuke these asap from my machine!)

Unlike the last time, no extra 'odd plugins' seem to have been added, nor anything odd by a (very) quick scan in wp-content/uploads folders and sub-folders.

Not sure how this has happened again, be good to know if you can spot anything your side, esp how these attacks happen especially incase I need to do something with the theme files (eg could it be some form of injection attack via the comments form somehow? Can't see how, but just wondering how these things tend to happen!). (do you think the file perms okay on the theme files, maybe worth a check too?). People can't register for an account on the website any longer, new users are added manually (been the case for some while now to stop spam signups)

All wp core is up-to date btw, and I've updated a couple of plugins whilst in there today.

And a follow up:

Following on from previous message just now, and quite poss unrelated altogether to the current site issue, looking at some of their blog posts on the site such as this one - http://www.reconomy.org/get-your-oats-here/, trackbacks come from a scraper type site eg - http://500biz.com/realwealth/get-your-oats-here-community-support-helps-new-enterprise-transform-local-food-supply-chain/ which seems to reprint reconomys posts.

#542: Parrot RAM

chris — Wed, 01 May 2013 20:35:50 GMT

I'm concerned that wiki:ParrotServer might not be able to cope with load spikes due to it only having 1GB of RAM, these are the Munin graphs we need to key an eye on:

If the server runs out of RAM it will basically stop responding.

#631: Move Transition Culture onto PARROT

ed — Mon, 25 Nov 2013 11:57:44 GMT

We are about to move TC onto PARROT. List of likely actions here:

Ed speak to Simon (move the host, keep the developer if poss)
Chris speak to Simon about TC issues - traffic, size etc.
analyse TC traffic and DB size
prepare PARROT
move TC

Chris thinks we'll need to up PARROT to VPS2 + 2 GB RAM

#891: Issue with TTT and REconomy websites after upgrade to WP 4.4

chris — Thu, 17 Dec 2015 11:18:38 GMT

Email from Laura:

Just to let you know there's a bit of an oddity going on with both the TTT and Reconomy websites.

I upgraded to WP 4.4 after running full tests on my local copies here, and for some odd reason images aren't showing on the site. If you try to open an image in the browser eg https://www.reconomy.org/wp-content/uploads/2015/10/hubs-logos-landscape.jpg takes you to the - "Server error! The server encountered an internal error and was unable to complete your request Either the server is overloaded or there was an error in a CGI script. Please return to the front page of the site."

I've updated over 20 sites over the past few days (!) and these are the only two this has happened on. There are a few discussions here, (and have tried the temp fix of various functions.php tweaks in the theme files to see if that helps, but it doesn't)... https://wordpress.org/support/topic/after-upgrade-to-44-media-files-are-not-showing and even though sites are not appearing to use SSL wondering if related somehow to that or other? Has this happened to any other WP 4.4 sites on your servers?

I'll let TTT and REconomy know their site has been updated, but there is a glitch at present.

I've also added Wordfence to the sites too as there are swathes of brute force attacks happening on lots of WP sites everywhere currently and this plugin seems to help somewhat currently. I don't think it's the Wordfence plugin, as disabled it to test the missing images issue.

#710: Incorrect email address for Sam on Transition Culture

chris — Tue, 01 Apr 2014 12:01:47 GMT

I'm seeing quite a few emails like this:

From: Mail Delivery System <Mailer-Daemon@parrot.webarch.net>
Date: Tue, 01 Apr 2014 08:04:28 +0100
To: tc@parrot.webarch.net
Subject: Mail delivery failed: returning message to sender
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
  samrossiter@transitionentwork.org
    Unrouteable address
------ This is a copy of the message, including all the headers. ------
Return-path: <tc@parrot.webarch.net>
Received: from tc (uid=1011)
        by parrot.webarch.net with local (Exim 4.80)
        (envelope-from <tc@parrot.webarch.net>)
        id 1WUskG-0005Rv-Sa
        for samrossiter@transitionentwork.org; Tue, 01 Apr 2014 08:04:28 +0100
To: samrossiter@transitionentwork.org
Subject: [Wordfence Alert] Problems found on Transition Culture
X-PHP-Originating-Script: 1011:class-phpmailer.php
Date: Tue, 1 Apr 2014 07:04:28 +0000
From: WordPress <wordpress@transitionculture.org>
Message-ID: <11e64e1b3cdb24f69d0069ecdc224524@transitionculture.org>
X-Priority: 3
X-Mailer: PHPMailer 5.2.4 (http://code.google.com/a/apache-extras.org/p/phpmailer/)
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8
Wordfence found the following new issues on "Transition Culture".
NOTE: Upgrading to the paid version of Wordfence gives you two factor authentication (sign-in via cellphone)
and country blocking which are both effective methods to block attacks.
You can also schedule when your scans occur with Wordfence Premium.
Click here to sign-up for the Premium version of Wordfence now.
https://www.wordfence.com/wordfence-signup/
Alert generated at Tuesday 1st of April 2014 at 08:04:28 AM
Critical Problems:
* The Plugin "Spam Destroyer" needs an upgrade.

#921: HTTP_PROXY env var vulnerability

chris — Tue, 19 Jul 2016 12:34:30 GMT

See https://httpoxy.org/

#695: File upload problem with TTT WordPress site

chris — Sun, 02 Mar 2014 19:46:50 GMT

Laura has reported:

Had a report this evening that the TTT website isn't letting any uploads happen (adding of a new plugin by another admin, and also media/image uploads not being able to uploaded - no real error message as such just doesn't upload).

I just logged in quickly to see if I could upload a pic to test and wouldn't upload. Just wanted to check if anything had changed server side re permissions.

#911: Disk space for /home on Parrot is running out

chris — Mon, 30 May 2016 20:58:53 GMT

Getting this alert from ParrotServer every 5 mins:

transitionnetwork.org :: parrot.transitionnetwork.org :: Disk usage in percent
        WARNINGs: /home is 96.06 (outside range [:96]).
        OKs: /run/shm is 0.00, /run is 0.09, /dev is 0.00, / is 95.94, / is 95.94, /run/lock is 0.00.

#696: Disk space error on parrot for TTT site

chris — Mon, 03 Mar 2014 10:51:46 GMT

Email from Laura:

Message appearing at top of ttt website when I just took a look-

Warning: session_start():
open(/home/ttt/tmp/sess_mnme76d2k5s6vopk5u1it126p5, O_RDWR) failed: No
space left on device (28) in
/home/ttt/sites/default/wp-content/plugins/tt-resource-database/participants-database.php
on line 2534

and something in the sidebar -

Warning: call_user_func_array() expects parameter 1 to be a valid
callback, array must have exactly two members in
/home/ttt/sites/default/wp-includes/plugin.php on line 199

#829: Creation of web space request

ade — Mon, 02 Feb 2015 10:11:03 GMT

Hi Chris, As discussed, can you please set up some webspace on Penguin? If you could also set up a sub-domain of 'projects' and confirm the FTP access details?

Many thanks Ade

#639: earthin site wordpress error

chris — Fri, 29 Nov 2013 14:06:01 GMT

When using wp on the command line for wiki:EarthInheritorsWordPress

PHP Fatal error:  Call to undefined function get_post_format_slugs() in /home/earthin/sites/default/wp-includes/theme.php on line 1264

#914: SSH to parrot please

sam — Wed, 13 Jul 2016 10:58:05 GMT

Hi Chris

Could you set up a SSH account on parrot for:

Kevin support@…

Using this public key

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCgO8Uuk3ry+NvVvScbhV+edjJK8evIwnhoi1in1FtWvFTSjjb0NkZLXN5VEsWzq3TPvECggpAgVtdXFoCbmv6+wLKpLoVR7ZU+qcFOlEhVKju0zFRoIl25O9Hv5YqBPXgwzXKJg/ftiKWllXm6pZ97hAwxPoqBj42jwRlyndNLMozjomvXIxiNzgf95BmY7jVDc/JH2Dixe9poLWknXglTPAVHL5UtiP37dsgJj4JgWH9BqFixlEUopcLHhv6KPZpP5WS476KKV6MeiJhLeBpir8JcmqR84Lsoq2z9PUbZ4HyTUBTlMY4j9npFFF+Wqhrk3wxY6Q8TxdTrQDUC5VZ9GYufRS/ep2GPOg67wyOHoYdW3n7l+bX9+pWktD3KyA0KiJqhKG7BTNuhDYl0JqX396H+p80EAhAtFRj8+CnQRVYzogLGExhrKnlptT88rmqx5uJxSqGuuHrmcgncHH6f+qJzaecirJgFKSyPKtESFtBCAdKjbuh22o1EZTARNpdBWtwKNr3BG7D0RzpgVIoEiAxDw9YRSFHmra8pxd/k7F0ue51JO5RUsMxZ0izrgqHkefE+D6uf151Uj8V9Y+rK8C7Hqnc+bOvwixkkwSfglBIz+Y+3YzhEnCf1yCv2TpFnHGLYu0iDTwubDMBIUogi/m/lmGuR0DYxmpwxFNmNww== root@transition

Thanks

Sam

#915: SSH to parrot please

sam — Wed, 13 Jul 2016 10:58:11 GMT

Hi Chris

Could you set up a SSH account on parrot for:

Kevin support@…

Using this public key

Thanks

Sam