kurraglen Posted December 1, 2022 Share Posted December 1, 2022 I tried to login in to my shop admin area which shows the login screen but enter the username and password, it returns an error: Service Unavailable The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later. Additionally, a 503 Service Unavailable error was encountered while trying to use an ErrorDocument to handle the request. Our site is hosted by Vodien and we have had numerous times when it appears that our cPanel password has been changed but not by us. Whether that has anything to do with it, I'm not sure. Any help would be great, as the support at Vodien is hopeless sometimes. They are suggesting that it is my internet connection, which it isn't. Thanks Bruce Quote Link to comment Share on other sites More sharing options...
bsmither Posted December 1, 2022 Share Posted December 1, 2022 I have not seen a 503 Error, even if it were to have been caused by CubeCart. But, to begin searching for the problem, create the error log. https://forums.cubecart.com/topic/51550-how-to-create-the-error-log/ If no error_log appears, then in Cpanel, find the web server error log. Hopefully your hosting provider has one enabled for your account. Quote Link to comment Share on other sites More sharing options...
kurraglen Posted December 1, 2022 Author Share Posted December 1, 2022 Thanks for that. The last error is showing: [01-Dec-2022 17:07:04 Australia/Sydney] PHP Notice: Possible Phishing attack - Redirection to 'http://kurraglenindustries.com.au/shop/admin_14HXeN.php?_g=login' is not allowed. Please check the value of 'Store URL' in the SSL section of your store settings. in /home/xxxxxxxx/public_html/shop/classes/admin.class.php on line 437 I changed the account to x's for security. I just checked previous errors, which show: [25-Nov-2022 16:46:44 Australia/Sydney] PHP Warning: Security Warning: Illegal array key "bxMY=5800_AND_1=1_UNION_ALL_SELECT_1,NULL,'<script>alert("XSS")</script>',table_name_FROM_information_schema_tables_WHERE_2>1--/**/;_EXEC_xp_cmdshell('cat___/__/__/etc/passwd')#" was detected and was removed. in /home/xxxxxxxx/public_html/shop/classes/sanitize.class.php on line 114 [25-Nov-2022 17:03:23 Australia/Sydney] PHP Warning: Security Warning: Illegal array key "bMIr=1773_AND_1=1_UNION_ALL_SELECT_1,NULL,'<script>alert("XSS")</script>',table_name_FROM_information_schema_tables_WHERE_2>1--/**/;_EXEC_xp_cmdshell('cat___/__/__/etc/passwd')#" was detected and was removed. in /home/xxxxxxxx/public_html/shop/classes/sanitize.class.php on line 114 [25-Nov-2022 17:03:23 Australia/Sydney] PHP Warning: Invalid Security Token in /home/xxxxxxxx/public_html/shop/classes/sanitize.class.php on line 155 [25-Nov-2022 17:03:39 Australia/Sydney] PHP Warning: Invalid Security Token in /home/xxxxxxxx/public_html/shop/classes/sanitize.class.php on line 155 Quote Link to comment Share on other sites More sharing options...
bsmither Posted December 1, 2022 Share Posted December 1, 2022 The first Notice is expected. That happens all the time. That one is not one to worry about. The other four seems to be a miscreant making attempts at penetration testing - SQL Injection. As such, and if there are a lot of these errors logged, it could be (just a scientific wild guess) there is a security appliance taking notice of these attempts and is shutting down access to your site momentarily. As said, that is just a wild guess. If your hosting provider's tech support can be reached, maybe having a conversation about what they do for penetration blocking and how that may affect your site is in order. Cpanel will also have web access logs. You can match up the minute/second time (adjust hours for time zone) to learn of the IP address of these penetration attempts. Quote Link to comment Share on other sites More sharing options...
kurraglen Posted December 1, 2022 Author Share Posted December 1, 2022 Thanks very much for your feedback. I'll keep pestering Vodien. Quote Link to comment Share on other sites More sharing options...
AeroLogistica Posted January 27, 2023 Share Posted January 27, 2023 Did you ever got it fixed? Quote Link to comment Share on other sites More sharing options...
kurraglen Posted January 27, 2023 Author Share Posted January 27, 2023 Yes, eventually. My Cubecart site and 2 other websites that I have, as well as a lot of others on the same shared server were infected with malware and kept regenerating files like about.php, lock360.php or radio.php and modifying index and htaccess files. Vodien hosting support was hopeless and they couldn't fix it, so eventually I spent hours finding and removing a lot of files that didn't belong there. I gave Vodien the flick and changed over to VentraIP and the problem no longer exists and the sites load a lot faster. I am not convinced that it was just the malware that was causing the 503 error. I suspect that it was an issue with the server itself that Vodien was having intermittent problems with and seemed that they were incapable of rectifying it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.