AeroLogistica Posted January 26, 2023 Share Posted January 26, 2023 So the website loads perfectly, as an user, you can log in and place/check orders, etc yet, if I try to access the BO, put my credentials, and click log in, i get the following error: Service Unavailable The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later. Additionally, a 503 Service Unavailable error was encountered while trying to use an ErrorDocument to handle the request. Quote Link to comment Share on other sites More sharing options...
bsmither Posted January 26, 2023 Share Posted January 26, 2023 Through the hosting account's control panel, you should be able to peruse any error logs that the web server logs to. Also in the control panel, in the database utility phpMyAdmin, you can view the database table CubeCart_system_error_log. Maybe there is a clue having been logged here. Quote Link to comment Share on other sites More sharing options...
AeroLogistica Posted January 26, 2023 Author Share Posted January 26, 2023 Awesome bsmither, I am going to take a look. So no errors but found something interesting, every time I try to log in, followed by the error, it creates a log entry and it thinks the access was a success. Quote Link to comment Share on other sites More sharing options...
bsmither Posted January 26, 2023 Share Posted January 26, 2023 Ok, good to know that CubeCart is getting somewhere authorizing your login -- though I don't know how that could possibly be done based on that password conundrum I mentioned earlier. Don't look in the CubeCart_admin_error_log, look instead in the CubeCart_system_error_log. Quote Link to comment Share on other sites More sharing options...
AeroLogistica Posted January 26, 2023 Author Share Posted January 26, 2023 I know bsmither right? I was even puzzled on how it was creating a YES log, so my guess is that the credentials are indeed accepted but communication with the host breaks off afterwards. Contacted my server, they tested everything on their end and said it was a cubecart issue. I did check that as well and returned empty. I also checked the server error log but nothing pertaining at the specific domain/directory. The crazy thing is that it was fully operational two days ago, tried to resume setting up the shop and surprise haha. Quote Link to comment Share on other sites More sharing options...
bsmither Posted January 26, 2023 Share Posted January 26, 2023 Now we will have to find/create PHP's error log. Please do this: https://forums.cubecart.com/topic/51550-how-to-create-the-error-log/ Quote Link to comment Share on other sites More sharing options...
AeroLogistica Posted January 27, 2023 Author Share Posted January 27, 2023 Done! I did have an error_log file there before for some reason, the website works fine, is just the log in on the BO. I checked the error_log and found no errors today, yet there are some interesting errors that may give a clue. error_log Jan 18 /home/at4gprieu0fh/public_html/loteriagringa.com/play/classes/sanitize.class.php on line 155 [18-Jan-2023 21:26:26 UTC] PHP Notice: Possible Phishing attack - Redirection to 'https://loteriagringa.com/play/admin_cxctg5.php?_g=login' is not allowed. in /home/at4gprieu0fh/public_html/loteriagringa.com/play/classes/admin.class.php on line 438 Jan 18 [18-Jan-2023 22:16:43 UTC] PHP Warning: Invalid Security Token in /home/at4gprieu0fh/public_html/loteriagringa.com/play/classes/sanitize.class.php on line 155 Sanitize_class.php (see image) I started seeing this error (CSRF) on my dashboard and then on the admin log in page, it must have triggered the website (BO) into some sort of safe mode? Quote Link to comment Share on other sites More sharing options...
AeroLogistica Posted January 27, 2023 Author Share Posted January 27, 2023 (edited) Ok so I said, screw it, I am going back to a backup copy and start fresh, will probably lose 4 hours of work, so I did, and problem persisted, now I am clueless! It has to be an issue with the server, even though they swore earlier that everything was good at their end, they even said it was CC issue. I have two directories with the same CC version (6.2.9), yet they are different installs and don't share anything, pretty much I have it just for backup/testing purposes. They both present the same issue with the 503 error, so, it makes me think is the server. Is also interesting how the FO is not affected, customers can log in and navigate through the admin, the error is strictly for BO -> dashboard. Edited January 27, 2023 by AeroLogistica Quote Link to comment Share on other sites More sharing options...
bsmither Posted January 27, 2023 Share Posted January 27, 2023 (edited) Ignore the phishing attack messages. It's a known issue and is absolutely misleading and harmless. It will get fixed one of these days. The Invalid Security Token messages are dated a week ago, so maybe those are from CC629? If so, then what happened there is likely that you used the browser's back button to get a prior page and then saved a form, or had two or more tabs open and saved a form, switched to the second tab and saved the form there, switched to a third tab and saved the form there, etc. In one of the versions in the CC64X family, stringent use of the Security Token was mostly relaxed. Now you can do what you couldn't do as described above. CC629 is not PHP8 compliant. CC649 requires PHP7.4 or higher, latest tested on PHP8.1. No new entries in PHP's error_log file??? Did you find the web server's error logs in your hosted account's control panel? Edited January 27, 2023 by bsmither Quote Link to comment Share on other sites More sharing options...
AeroLogistica Posted January 27, 2023 Author Share Posted January 27, 2023 It returned this two the PHP's error log, but then again. I am running a backed up site from Jan 18: [27-Jan-2023 02:57:24 UTC] PHP Notice: Error: Hook 'attached_documents/hooks/controller.admin.php' was not found in /home/at4gprieu0fh/public_html/loteriagringa.com/play/classes/hookloader.class.php on line 298 [27-Jan-2023 02:57:33 UTC] PHP Notice: Error: Hook 'attached_documents/hooks/controller.index.php' was not found in /home/at4gprieu0fh/public_html/loteriagringa.com/play/classes/hookloader.class.php on line 298 Web server's error logs in my hosted account's control panel don't show anything related to the cube cart directory "play" Quote Link to comment Share on other sites More sharing options...
bsmither Posted January 27, 2023 Share Posted January 27, 2023 Please remind us what version of PHP that the CubeCart installations are running under. There seems to be a third-party plugin, "Attached Documents", that is not installed (or not enabled). So, you mentioned that you have two installs that don't share anything. But do they use the same database? Quote Link to comment Share on other sites More sharing options...
AeroLogistica Posted January 27, 2023 Author Share Posted January 27, 2023 Both are running 6.2.9 and they are completely different, unrelated, reason why I am thinking it may be the server even though Godaddy says that everything is good on their side. But then again, it would show a 503 error all over yet the FO works, is just the handling of the BO log in that screw things up. I was even thinking that rolling back to the last working backup would fix the issue. Quote Link to comment Share on other sites More sharing options...
bsmither Posted January 27, 2023 Share Posted January 27, 2023 (edited) Please remind us what version of PHP is running. If the setup folder is still present, even if renamed, then have your browser ask for this page: web_address/setup_folder/info.php -- using the site's web address and the name of the setup folder (if still present). The top table will show the version, and also in the top table, the Server API. Is the third-party plugin "Attached Documents" present in CubeCart's /modules/plugins/ directory? Edited January 27, 2023 by bsmither Quote Link to comment Share on other sites More sharing options...
AeroLogistica Posted January 27, 2023 Author Share Posted January 27, 2023 Yes sorry, I am running 5.6, The attached documents plug in is indeed inside the /modules/plugins/ directory. Quote Link to comment Share on other sites More sharing options...
AeroLogistica Posted January 27, 2023 Author Share Posted January 27, 2023 It's indeed a web server issue because I just installed a fresh copy of Cube Cart 6.2.9 and the BO log in goes into the same 503 error. Did must to have done something because it was working. Quote Link to comment Share on other sites More sharing options...
AeroLogistica Posted January 27, 2023 Author Share Posted January 27, 2023 The odd thing is that it doesn't affect the front end, as it displays the data, customers can also create accounts and view admin panel. It just affects the BO specifically when trying to log in. I uploaded a fresh copy https://www.loteriagringa.com/gameon/ for the FO and for the BO https://www.loteriagringa.com/gameon/admin_xigpye.php user AJ and pwd @eroLogistica to re-create the error. Quote Link to comment Share on other sites More sharing options...
AeroLogistica Posted January 27, 2023 Author Share Posted January 27, 2023 Just finished talking with two different techs from my hosting and everything looks great. RAM, disk usage, etc is perfect so they said is a content issue. The odd thing is that a fresh copy of CC 6.2.9 also generates the 503 error which just puzzle me big time. Quote Link to comment Share on other sites More sharing options...
bsmither Posted January 27, 2023 Share Posted January 27, 2023 This has also been reported by @kurraglen: https://forums.cubecart.com/topic/58161-admin-area-showing-503-error/ Quote Link to comment Share on other sites More sharing options...
AeroLogistica Posted January 27, 2023 Author Share Posted January 27, 2023 Yes, read it and asked kurraglen if he got it sorted it out. Quote Link to comment Share on other sites More sharing options...
bsmither Posted January 27, 2023 Share Posted January 27, 2023 This is interesting: https://github.com/cubecart/v6/issues/438 Quote Link to comment Share on other sites More sharing options...
AeroLogistica Posted January 27, 2023 Author Share Posted January 27, 2023 Interesting, specific to the reviews module, I mean, on an upgrade tons of files can't go wrong. Similar issue though, server not being able to process a php script. Quote Link to comment Share on other sites More sharing options...
bsmither Posted January 27, 2023 Share Posted January 27, 2023 (edited) Yes, that issue in the Github resolved to the Reviews of a product on the storefront. But I believe the underlying cause was that CubeCart was trying to get a resource from a third-party (Gravatar) when gathering all the data necessary to populate the page, and then PHP faulted when the attempted connection to that resource failed due to the server environment forcing (or prioritizing) IPV6 when that connection is not IPV6 compatible. In admin, after successfully logging in, the admin is taken directly to the Dashboard. When collecting the resources to show on the Dashboard, a call is made to Google and a call is made to the RSS feed for News & Announcements Latest Topics at Cubecart.com. Now supposing that you have successfully logged in, my question is why does CubeCart not remember that, making you log in again? As an experiment, before logging in, try going directly to someplace in admin that doesn't do much of anything. Such as: web_address/admin_file.php?_g=phpinfo where web_address and admin_file are specific to your site If you are not logged in, then after clicking the Log In button, you will be taken directly to the PHP Info screen (bypassing the Dashboard). If you do get to the PHP Info screen, then the source of the problem has been narrowed down. Edited January 27, 2023 by bsmither Quote Link to comment Share on other sites More sharing options...
bsmither Posted January 27, 2023 Share Posted January 27, 2023 (edited) As an experiment, please try this edit: In classes/request.class.php, find near lines 80-86: if ($this->_curl) { $this->_curl_options[CURLOPT_HEADER] = $this->_request_return_headers; $this->_curl_options[CURLOPT_RETURNTRANSFER] = $this->_request_return; $this->_curl_options[CURLOPT_VERBOSE] = false; $this->_curl_options[CURLOPT_FAILONERROR] = true; /*$this->_curl_options[CURLOPT_FOLLOWLOCATION] = true;*/ } Change to: if ($this->_curl) { $this->_curl_options[CURLOPT_HTTPHEADER] = array('User-Agent: CubeCart/'.CC_VERSION); $this->_curl_options[CURLOPT_HEADER] = $this->_request_return_headers; $this->_curl_options[CURLOPT_RETURNTRANSFER] = $this->_request_return; $this->_curl_options[CURLOPT_VERBOSE] = false; /* $this->_curl_options[CURLOPT_FAILONERROR] = true; */ /* $this->_curl_options[CURLOPT_FOLLOWLOCATION] = true; */ if (defined('CURLOPT_IPRESOLVE') && defined('CURL_IPRESOLVE_V4')){ $this->curl_options[CURLOPT_IPRESOLVE] = CURL_IPRESOLVE_V4; } } Edited January 27, 2023 by bsmither Quote Link to comment Share on other sites More sharing options...
AeroLogistica Posted January 27, 2023 Author Share Posted January 27, 2023 45 minutes ago, bsmither said: Yes, that issue in the Github resolved to the Reviews of a product on the storefront. But I believe the underlying cause was that CubeCart was trying to get a resource from a third-party (Gravatar) when gathering all the data necessary to populate the page, and then PHP faulted when the attempted connection to that resource failed due to the server environment forcing (or prioritizing) IPV6 when that connection is not IPV6 compatible. In admin, after successfully logging in, the admin is taken directly to the Dashboard. When collecting the resources to show on the Dashboard, a call is made to Google and a call is made to the RSS feed for News & Announcements Latest Topics at Cubecart.com. Now supposing that you have successfully logged in, my question is why does CubeCart not remember that, making you log in again? As an experiment, before logging in, try going directly to someplace in admin that doesn't do much of anything. Such as: web_address/admin_file.php?_g=phpinfo where web_address and admin_file are specific to your site If you are not logged in, then after clicking the Log In button, you will be taken directly to the PHP Info screen (bypassing the Dashboard). If you do get to the PHP Info screen, then the source of the problem has been narrowed down. Holy cow, this worked, I can click the links inside the dashboard. I don't know what would happen if I log out, I guess I could add this to the end every time I log back in. ?_g=phpinfo 18 minutes ago, bsmither said: As an experiment, please try this edit: In classes/request.class.php, find near lines 80-86: if ($this->_curl) { $this->_curl_options[CURLOPT_HEADER] = $this->_request_return_headers; $this->_curl_options[CURLOPT_RETURNTRANSFER] = $this->_request_return; $this->_curl_options[CURLOPT_VERBOSE] = false; $this->_curl_options[CURLOPT_FAILONERROR] = true; /*$this->_curl_options[CURLOPT_FOLLOWLOCATION] = true;*/ } Change to: if ($this->_curl) { $this->_curl_options[CURLOPT_HTTPHEADER] = array('User-Agent: CubeCart/'.CC_VERSION); $this->_curl_options[CURLOPT_HEADER] = $this->_request_return_headers; $this->_curl_options[CURLOPT_RETURNTRANSFER] = $this->_request_return; $this->_curl_options[CURLOPT_VERBOSE] = false; /* $this->_curl_options[CURLOPT_FAILONERROR] = true; */ /* $this->_curl_options[CURLOPT_FOLLOWLOCATION] = true; */ } This didn't do much, unless it helped the solution above (?_g=phpinfo) Quote Link to comment Share on other sites More sharing options...
bsmither Posted January 27, 2023 Share Posted January 27, 2023 (edited) Sorry, I forgot to add the magic sauce to the code to change to. Please reload this forum conversation to see the edits to the above post and make the change to the code again. Edited January 27, 2023 by bsmither Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.