Error_logs getting quarantined

[Tina Dubinsky]

Well nearly had a successful setup.  The only issue I seem to have is that all my error_logs keep getting sent to Autorestore / quarantine every few seconds. I’ve looked at one but its blank.  So not sure how to stop this from happening.

[AITpro Admin]

BPS is designed to automatically create an AutoRestore Exclude rule for you php error log if you use the recommended location (displayed to you on the PHP error log page) in the /bps-backup/logs folder.  If you have created your own custom php.ini file and chosen you own php error log location then you can go to the AutoRestore page and add an exclude rule to tell ARQ not to check your php error log file since it will obviously be changed/modified on a regular basis.  Please see this section of the BPS Pro Troubleshooting Post >>> http://forum.ait-pro.com/forums/topic/read-me-first-pro/#autorestore-quarantine and also this post regarding calibrating ARQ >>> http://www.ait-pro.com/aitpro-blog/4204/bulletproof-security-pro/arq-infinity-guide-full-website-autorestore-and-full-website-quarantine/ and you will also find help information in the Blue Read Me buttons throughout BPS.  Thanks.

[Tina Dubinsky]

Actually, after going through the installation again etc the problem was a setting by my web host who had recently updated to the most recent php but had not changed a setting from the old version which caused the error files to be quarantined.  I looked into more of the error files which were not blank as I had thought but had this error:  PHP Warning: PHP Startup: Unable to load dynamic library ‘/usr/local/lib/php/extensions/no-debug-non-zts-20090626/ffmpeg.so’
Once I contacted my host, they were able to fix it and I haven’t had any problems with any other set up issues.   But I have another issue that I’ll start a new strand for shortly once I work out if it is BPS stopping me from editing and saving pages.

[AITpro Admin]

Yeah you know some days I wish I had never even attempted to take on automating custom php.ini files or anything at all regarding php.ini files.  😉 php.ini files were a complex issue in PHP5.2.x and now with PHP5.3.x and newer versions of PHP the complexity of using php.ini files is now even more complicated and complex.  php.ini files are not a 1 size fits all thing and every single web host has different setup steps, requirements, restrictions, etc etc etc.  

This ongoing research post I created back a while ago sums it up pretty well – MONDO COMPLEXITY – >>>>http://www.ait-pro.com/aitpro-blog/4349/misc-projects/wordpress-tips-tricks-fixes/php5-3-x-php5-4-x-user-ini-file-does-not-work-known-php5-3-x-user-ini-fastcgi-wordpress-zend-issue/

[Tina Dubinsky]

I love your work.  I purchased your program as I had been hacked.  Decided to scrap everything and restart from scratch (Hacker had put links sending people off to malicious websites)  and I have about 7 personal sites running independent on word press on a shared server.  My webhost is https://certifiedhosting.com/   I don’t think they are on your list at all but there based in California.  Just working on this one domain at the moment to get it fully functional before I begin resetting up the others.  I so want to just get on with the re-adding content, but want to iron out all the issues first.   I’m not an ITC graduate….  but creating websites and using CMS has always been my spare time hobby so I’m very grateful for people like yourself that have these plugins and addons.  First began using PHP Nuke about 12 years ago and then moved to Tiki Wiki which was very complex to admin and just too much hard work though I persevered with it for about 4 years.  Then I came back to look at Word Press about 9 months ago and fell in love with it.   As I said, I’m really grateful for people like yourself who do understand the complexity of these things and make it seem much more simpler for us non ITC people use.  : )  I will go read over the mondo complexity shortly.  Going to stop to have a late breakfast : )   Thanks.

[AITpro Admin]

How ironic. I followed a similar path as you.  I did not really like WP several years ago and went in the Ruby direction and got back into WordPress around 2007.  Yeah WordPress has really come a long way.  It is a beautiful well oiled machine these days.

Ok well if you want to read that post about the new complexities of PHP then be sure to have a bottle of aspirin handy.  It is not fun reading and the intended audience/reader would be a Server Admin.  😉

Thanks for the kind words.  It is always nice to hear positive feedback.  🙂

The new Plugin Firewall needs a bit more work sigh.  So if you activate it be sure to check your BPS Security Log file to see if any plugin scripts need to be manually added to the Plugin Firewall Whitelist.  We are rushing to get BPS Pro 5.4.1 out with a beefed up Whitelist scanner that will look deeper into areas of site to get every possible single frontloading plugin script.  It is not difficult to manually add plugin scripts to the Plugin Firewall Whitelist tool, but this should be completely automated and it will be in BPS Pro 5.4.1.

[AITpro Admin]

Oh and the Whitelist scanner is finding most plugin scripts that need to whitelisted and displaying those plugin script paths, but these are the areas where we need to “walk through” the site:  Contact form pages, login pages and commenting pages.  So if you have plugins that do anything in these 3 areas and they only load their scripts on these areas of the site then the current Whitelist scan will not grab those scripts and display them.

[Tina Dubinsky]

Since I updated to 5.4 this morning, I’m not getting the error any more, I was able to edit at the time, but when I went to save it would ask if I was sure I wanted to do it or go back and doing either would just revert to the old content.  So… not sure if it had anything to do with the 5.4 update but I’m glad its now working 🙂  I don’t seem to have too much issues with my plugins.  I was concerned I might have an issue with my theme which is the purchased version of Pagelines.  I wanted to get the security right though before I began to play around with the theme more. I don’t use too many plugins, like to keep things simple so I can concentrate on content.  Still playing around with everything and since family have hogged my time today – in a nice way, I will have to play further tonight and take a gander at your links above when everyone is sleeping : )   Thanks for all your help and advice. I really appreciate it.

[AITpro Admin]

Excellent!  And yep we extended/expanded/refined a lot of coding checks and automation in BPS Pro 5.4 that were causing random issues here and there for some people depending on numerous and various conditions/scenarios/Server configs, etc.  Writing code is easy – writing code that works perfectly in every possible scenario/configuration/environment, etc etc etc is always the real challenge.  😉

On the issue of the new Plugin Firewall we have decided to add an additional scanning step that will allow folks to add their paths to pages that they want to check for any plugin scripts that need to whitelisted.  Example:  folks will enter the path to wherever their Contact form/page is, click scan and if any plugin scripts need to be whitelisted those plugin scripts will be displayed and can be saved permanently to the Plugin Firewall Whitelist.

We have decided that this is the smartest approach instead of having the Whitelist scanner “walk through” /scan the entire site is really not a practical thing due to the millions of different possible site types, setups, locations of custom pages, etc etc etc.

We should have BPS Pro 5.4.1 completed either today or tomorrow with this new manual scanning feature.

Merry X-Mas

[Deb]

After two weeks of Pro, the blog’s own error_log was quarantined and auto-restored to previous. I viewed both log’s pages side x side.
/home/user/public_html/myblog/error_log

The last two entries of the quarantined error_log were the only differences–identical time stamp. No other entries at all like these two in the entire log – all others look like spam with lots of Asian characters. They never generated the quarantine action before.  See two small entries just below.
I’m not sure what to do.  ??
Should I just leave all alone and delete the new error_log quarantined??

This did not generate a BPS Pro PHP Error log entry.  [Odd–there has not been one of those entries since 8 Apr 13–wonderful.]

[12-Apr-2013 05:04:58] PHP Warning: require_once(/home/user/public_html/myblog/wp-config.php) [function.require-once]: failed to open stream: Too many open files in system in /home/user/public_html/myblog/wp-load.php on line 29

[12-Apr-2013 05:04:58] PHP Fatal error: require_once() [function.require]: Failed opening required '/home/user/public_html/myblog/wp-config.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/user/public_html/myblog/wp-load.php on line 29

[AITpro Admin]

You can only have 1 designated php error log per website or hosting account.  PHP errors will ONLY be logged to whichever log file is specified/designated as the website’s php error log file.

If the Server’s default error_log file is being quarantined repeatedly then you just need to calibrate AutoRestore to exclude this file from being checked by ARQ.

http://forum.ait-pro.com/forums/topic/autorestore-quarantine-guide-read-me-first/#ARQ-Calibration

The site should be using the BPS Pro php error log file.

Please see the BPS Pro setup video tutorial and the part of the setup to look at is the ini_set Options setup:  http://www.ait-pro.com/aitpro-blog/2841/bulletproof-security-pro/bulletproof-security-pro-overview-video-tutorial/

[Deb]

Thanks

Since I have not changed anything on the blog and BPS Pro…  then this is a change on the server??  (this is one domain on the vps)
I don’t know of any changes there either.

In the blog’s root directory, there has always been an error_log  ever since you installed BPS.

[AITpro Admin]

Are you using the BPS Pro php error log or the Server’s default php error log which is always named error_log on every single Host worldwide – this is a standard Apache naming convention for the error log file.

Do you have the most current version of BPS Pro installed?  BPS Pro 5.7.1?  If not, then install the most current version of BPS Pro and watch the setup video tutoral if you have a much older version of BPS Pro installed.  The part of the video tutorial that shows you how to setup the php error log path to the recommended BPS Pro php error log file is the ini_set Options setup.  Or if you have a current version of BPS Pro installed go to P-Security >>> ini_set Options and click the 2 setup buttons.

[AITpro Admin]

And yes it is always possible that your Host made some sort of change on their Servers, but before you ask them about that check the ini_set Options page.

[Deb]

Yes, BPS Pro 5.7.1. Yes, it had been set to BPS Pro php error log (what was quarantined was not the php so named, but just error_log as you note above) and it was still chosen in setup.

Options under P-Security ini_set PHP Error Log Location Set To:  shows:

/home/user/public_html/myblog/wp-content/bps-backup/logs/bps_php_error.log

But I went ahead and again today (as I had a week ago) hit the #1 Save Options and #2 Enable Options buttons.

[Author]

Posts