Home › Forums › BulletProof Security Pro › PHP Error filesize stat failed, non-WordPress files quarantined
Tagged: Add Folders and Files, non-WordPress files quarantined, quarantine loop, zip archives, zip files
- This topic has 18 replies, 2 voices, and was last updated 11 years, 5 months ago by AITpro Admin.
-
AuthorPosts
-
DavidParticipant
I’ve just added a non-WP top level folder to my autorestore with all sub-folders and files added. One sub-folder contains around 50 zip archives. I’m seeing a ton of PHP errors all relating to filesize():
[16-Jun-2013 07:17:23 UTC] PHP Warning: filesize() [function.filesize]: stat failed for /home/xxx/public_html/xxx/wp-content/bps-backup/autorestore/added-files/ki/packages/evip-vp-1000450.zip in /home/xxx/public_html/xxx/wp-content/plugins/bulletproof-security/includes/functions.php on line 4149
The files aren’t particularly large, 1-3MB.
The errors keep regenerating, so I removed the zips from autorestore, now I get a ton of quarantine errors! Every time I restore one of these zips in ARQ it comes back again. I had to turn ARQ off, and it’s still off now.
Please help!
AITpro AdminKeymasterMy first question is this. Are these zip files publicly downloadable or are they private zip files that you do not want to be publicly downloadable.
DavidParticipantPublic. They’re quite safe, they’re e-learning content packages. I can send you a link, I was just a bit wary about publishing the root path to my server in the forum. You can download other equivalent files on my site that’s running BPS Pro here (Content Package download link): http://www.virtualpatients.eu/referatory/
I’ve done a little more digging. The non-WP folder I added had these zips in a sub-directory. Once I saw the PHP error, I removed them using Remove Added Folders/Files Search. The parent folder and files are still in Add Folders & Files, verified by looking in the backups folder.
But when the zips got quarantined they were placed in the top level of the quarantine folder, not in the added folder/sub-folder.
I checked in the database and there’s no reference to the zips in the added files table so at least as far as the database is concerned they have been removed.
The last bit of research I found suggested that the original PHP Warning: filesize() error may have been because the function was called on files that didn’t exist. Which could be related to the quarantined zip files location being different to where they were originally? Just guessing 🙂
If I turn off the ARQ cron check, then restore the quarantined files, I can verify they go back to their correct location. As soon as I re-enable the ARQ check they get quarantined again but to the top level of the quarantine folder.
Thanks for your help!
AITpro AdminKeymasterMost likely the problem that is occurring is this. You actually want to protect a specific folder and not a top level folder. Delete/Remove any added files paths that you have added for this particular folder using Remove Added Folders/Files Search tool and then choose the Add a Specific Folder option for just the folder or folders that you want to monitor and protect and exclude the zip folder by not choosing the Add Top Level Folder option.
Example assuming folderB contains the zip files that you do not want to monitor, but you do want to monitor and protect folderA:
/folderA/folderB
You would choose the Add a Specific Folder option and add the path to folderA instead of the Add Top Level Folder option.
Blue Read Me help button help info on the Add / Exclude Static Files page
Add Top Level Folder option
Best Recommend use is to select the Add Top Level Folder option to add an entire non-WordPress folder to backup and to be checked by the ARQ Cron. Example: You have a Top Level non-WordPress Folder named orange. The folder path is /xxxxx/xxxxx/orange. You would select the Add Top Level Folder option and then enter the folder path to this folder /xxxxx/xxxxx/orange in the Enter an Add Folder or File Path text box and click the Add button. Additional Add options are Add a Specific Folder and Add An Individual File.Add A Specific Folder option
Adding a specific folder can be used for adding ONLY a specific folder and all files in that specific folder – no subfolders of that specific folder will be added to backup and checked by the ARQ Cron. Example: You have a subfolder named orange-subfolder inside of the Top Level Folder named orange. The folder path is /xxxxx/xxxxx/orange/orange-subfolder. By adding only the specific folder orange-subfolder ONLY the files in that folder will be added to backup and checked by the ARQ Cron. Any files in the parent folder /xxxxx/xxxxx/orange/ will NOT be added to backup and be checked by the ARQ Cron and any subfolders of the /orange-subfolder will not be added to backup and checked by the ARQ Cron. Example: /xxxxx/xxxxx/orange/orange-subfolder/another-subfolder. The files in the /another-subfolder subfolder will not be backed up or checked by the ARQ Cron.Add An Individual File option
Add an individual file will add just a single file to backup and be checked by the ARQ Cron. The most likely use for this would be if you are working on a particular file and you do not want the ARQ Cron to check it while you are working on it you would use the Remove Added Folders/Files Search tool to temporarily remove this file and after you are finished working on the file you would select the Add An Individual File option to add the file back to backup to be checked again by the ARQ Cron. You would enter the full path and filename in the Enter an Add Folder or File Path text box. Example: /xxxxx/xxxxx/orange/orange-subfolder/orange.php.AITpro AdminKeymasterLooking at the php error the logical folder that you want to protect is the /ki/ folder, but not the /packages/ folder containing the zip files.
/ki/packages/evip-vp-1000450.zip
So you would choose the Add A Specific Folder option and add the full path to the /ki/ folder.
Example: /full/path/to/ki/
DavidParticipantThanks. I did read the help before adding the folder and concluded it was a top-level folder I wanted to monitor. This folder has been the target of a intrusion/hack attempt in the past (timthumb). The folder contains some php, html, js, images and a sub-folder of these zips.
The top-level folder is /ki and the zips are in /ki/packages. I want to be able to monitor everything that’s in /ki
I’ve now removed all the remaining added /ki files using Remove Added Folders/Files Search tool and checked there’s no reference to any /ki file in the _bpspro_arq_add database table.
The zips are still in quarantine. I’ve not tried restoring them again just yet because part of the problem is restoring does the following:
1. Copies the quarantined file to the autorestore backup folder and overwrites the backed up copy of the file.
They’re not in the autorestore backup folder (or rather shouldn’t be because I previously removed them as per first message in this thread) so autorestore is sending the files around in circles. How do I break the cycle and put the files back without having them quarantined?
AITpro AdminKeymasterIf you want to monitor and protect the entire top level ki folder including all subfolders and files (including the zip files) then keep in mind that anytime you modify a zip file or add a new zip file it will be sent to Quarantine, unless you turn off AutoRestore when modifying, adding or uploading new zip files, back up the added files folder again before turning AutoRestore back on.
The added files option is more for static files and is not really designed for dynamic files that will change often. Typically you want to tell AutoRestore NOT to check files that are dynamically updated, modified or added, otherwise AutoRestore will do what it is supposed to do – it will see that something has changed in website files and will autorestore or quarantine the file.
So the question is now this. How often will the zip files be changed, modified or uploaded dynamically? Zip files themselves are not vulnerable to being exploited. A zip archive file cannot be hacked.
AITpro AdminKeymasterIn order to restore a file to a folder and not have it be quarantined in a continuous loop the folder where you are restoring files too has to exist. When you restore files from Quarantine it copies the file back to the original folder location where the file was autorestored or quarantined from and ALSO copies the file to the autorestore backup folder. This way the 2 files match exactly.
AITpro AdminKeymasterMaybe a better approach would be to do something like this.
Choose the Add A Specific Folder option and add the full path to the /ki/ folder to protect all the /ki/ files and then add ONLY specific files in the /packages/ folder by choosing the Add An Individual File option and add all the individual files (file paths) that you want to monitor and protect in the /packages folder.
DavidParticipantThat’s the odd thing in this case. The original folder at WP top level does exist /ki/packages and when I restore the zips they go back to where they should. But then when they get quarantined they go into the top level of the quarantine folder. Somehow there’s the mismatch. The restore function knows where they should go, but the quarantine function doesn’t.
The zips themselves and their containing folder are static, they’ve not changed for 2 years and won’t change in the future.
If I can get them back out of quarantine then I think the simplest is to make the /ki folder not writable, as it too will not change in the future. Essentially the whole web site is now static (albeit served dynamically via WP) as it’s an archived project.
AITpro AdminKeymasterOh I see what you meant now. Nope this is completely normal for the Quarantine folder. In order for Quarantine to work correctly folders CANNOT be created within the Quarantine folder. The ARQ DB table keeps track of the path information and also does several other advanced things to handle duplicate file names. ie let’s say a file named index.php is quarantined for this folder /folderA and an index.php file is quarantined for /folderB. If you look in the quarantine folder you will see 2 files named index.php. This is technically not possible to do (have 2 exact file names side by side without overwriting occurring), but like I said some very advanced things are occuring with ARQ. 😉 So you can disregard what you see visually when looking at the quarantine folder manually. Everything is handled at the DB level and all file manipulations should be done using ONLY the ARQ tools. It is very rare when you will need to manually do anything with files and this can cause catastrophic results so it is not recommended that you manipulate files manually via FTP ever.
Ok so the basic rule is this. If a folder actually really exists and you have entered a valid path to that folder then when you restore a file from quarantine and both things are true: The folder actually really exists and the path is valid then the continuous quarantine looping problem will not occur. If something is not correct then a continuous loop will continue to happen.
At this point create a temporary WordPress Admin login to this website so I can figure out what is going on. send the login information directly to: edward at ait-pro dot com.
AITpro AdminKeymasterAh I just realized something. You mentioned that you deleted the DB Table. What this means is that there is no longer any record of where the files should be restored too.
Ok so what you need to do is create the Top Level Folder rule again to add the database table entries back into the DB and then you should be able to restore the files without the continuous loop happening.
AITpro AdminKeymasterBut then if the original zip files no longer exist in the actual /ki/packages/ folder then you will need to turn off ARQ and manually add them all back to where they are supposed to be before creating the Top Level Folder rule.
DavidParticipantDone!
I’ll not make any changes until you’ve had a look around 🙂
AITpro AdminKeymasterI cannot login to your site. Looks like you are using the Stealth Login page plugin or another plugin that protects the login page. I will need the additional login parameters.
-
AuthorPosts
- You must be logged in to reply to this topic.